olelink
commented
2 years ago This appears to especially be true for the all-in-one portions where "capabilities are not defined"
Open olelink opened 2 years ago
olelink
commented
2 years ago This appears to especially be true for the all-in-one portions where "capabilities are not defined"
Requirement - what kind of business use case are you trying to solve?
Deploying jaeger using the official helm charts, with the option to drop all Linux capabilities for each container
Problem - what in Jaeger blocks you from solving the requirement?
Currently, it appears this option is only available for the jaeger operator. This prevents the disabling of capabilities for security requirements
Proposal - what do you suggest to solve the problem or improve the existing situation?
If there is not a reason preventing, it may be best to have drop all capabilities as the default as well