Closed DanielJuravski closed 1 year ago
Issue #, if available: #8
Description of changes: Allow the container to be run as non root user
Kubernetes 1.25 has produced different security restrictions (https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-1.25) As a result, eksctl tool needed to align the used plugins (Nvidia, Neuron, AWS node, etc.) with those security changes (https://github.com/weaveworks/eksctl/pull/6065). Seems that they missed patching efa-k8s-device-plugin. I created a PR for patching it https://github.com/weaveworks/eksctl/pull/6435 Meanwhile, for applying the efa-k8s-device-plugin, use a custom yaml (add runAsUser: 1000 field to the container execution),
eksctl
runAsUser: 1000
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
This helm chart resolved the issue https://github.com/aws-samples/efa-device-plugin-helm
Issue #, if available: #8
Description of changes: Allow the container to be run as non root user
Kubernetes 1.25 has produced different security restrictions (https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-1.25) As a result,
eksctl
tool needed to align the used plugins (Nvidia, Neuron, AWS node, etc.) with those security changes (https://github.com/weaveworks/eksctl/pull/6065). Seems that they missed patching efa-k8s-device-plugin. I created a PR for patching it https://github.com/weaveworks/eksctl/pull/6435 Meanwhile, for applying the efa-k8s-device-plugin, use a custom yaml (addrunAsUser: 1000
field to the container execution),By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.