Closed nate-duke closed 5 years ago
I've done a bit more digging and using the as-official-as-possible drupal image this might just be a no-go. The parent php image maintainers seem ... resistant to altering the behavior of the httpd process binding to 0.0.0.0:80. We're considering just subbing in a parent php image from centos that ships binding on higher ports and then laying drupal on top of that.
I'll close this since given the heritage of the images we probably couldn't get what's needed just through the operator.
Note that for this reason (and many others) I've considered switching the base image entirely: https://github.com/geerlingguy/drupal-operator/issues/9
The Docker community Drupal image is actually pretty poor as an example of how to run Drupal in a production-grade containerized environment (IMO).
When using a Kubernetes distribution with non-root pods (OCP/OKD) using static low ports (e.g. containerPort: 80 will result in permission denied.
An alternative would be to make that a parameter and maybe even default to something out of the reserved range since most Kubernetes deployments are going to be using an ingress or something similar to route traffic into the drupal service.
I've mocked this up in the operator but haven't had time to walk the dog on building/pushing it anywhere to test.