Azure / kubernetes-keyvault-flexvol

Azure keyvault integration with Kubernetes via a Flex Volume
MIT License

Runtime hardening for user and group #165

Status: Closed (jeffloyd closed 4 years ago)

jeffloyd commented 4 years ago

Describe the bug: Current Dockerfile in the flexvol-installer does not create an image that limits the flexvol to run as a certain user, so by default it will run as the root user. Best practice from a security perspective is to set the run-as USER in the container to a non-root user.

Expected behavior: The container runs flexvol runtimes as flexvol user.

Key Vault FlexVolume version: v0.0.15

ritazh commented 4 years ago

This solution requires permission to create a new directory for the volume plugin on the host. kubernetes/community#4171 (comment). Closing this PR for now. Please reopen if you have questions.
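
The condition reported in this issue (an image whose Dockerfile leaves the runtime user at root) can be checked statically before an image ships. The following is an added example, not code from this repository: it reports the user in effect at the end of a Dockerfile's final build stage, including the multi-stage case where a `USER` set in an earlier stage does not carry over. The sample Dockerfiles are constructed, the function names are hypothetical, and a base image with no `USER` is assumed to default to root.

```python
def logical_lines(text):
    """Yield instructions with comments dropped and '\\' continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""

def final_stage_user(text):
    """Return the USER in effect at the end of the last stage, or None if unset."""
    stages, user, name = {}, None, None   # stages: name -> USER at end of stage
    for line in logical_lines(text):
        parts = line.split()
        instr = parts[0].upper()
        if instr == "FROM":
            if name:
                stages[name] = user
            args = [p for p in parts[1:] if not p.startswith("--")]  # skip --platform=...
            if not args:
                continue
            # USER does not survive FROM unless the base is an earlier stage.
            user = stages.get(args[0].lower())
            name = args[2].lower() if len(args) >= 3 and args[1].upper() == "AS" else None
        elif instr == "USER" and len(parts) > 1:
            user = parts[1]
    return user

def classify(text):
    """Return 'root', 'non-root' or 'unresolved' for the image's runtime user."""
    user = final_stage_user(text)
    if user is None:          # assumption: a base image without USER runs as root
        return "root"
    who = user.split(":", 1)[0]
    if "$" in who:            # set via ARG/ENV substitution; needs build-time values
        return "unresolved"
    return "root" if who in ("root", "0") else "non-root"

# Constructed sample Dockerfiles (not the project's installer Dockerfile).
NO_USER = "FROM alpine:3.12\nCOPY install.sh /bin/\nCMD [\"/bin/install.sh\"]\n"
MULTI = "FROM golang:1.15 AS build\nUSER 1000\nRUN go version\nFROM alpine:3.12\nCOPY --from=build /x /x\n"
HARDENED = "FROM alpine:3.12\nRUN adduser -D -u 10001 flexvol\nUSER 10001:10001\n"

if __name__ == "__main__":
    for label, df in (("no USER", NO_USER), ("multi-stage", MULTI), ("hardened", HARDENED)):
        print(label, "->", classify(df))
```

A static check like this says nothing about whether the non-root user can write to the volume plugin directory on the host, which is the constraint raised in the reply above.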