The docker images pulled from authorizon repository (version: 0.1.18) were not getting initialised properly when container's securityContext was set to run as nonRoot user -
This is required when the pod security policy in kubernetes enforces containers to run with non root user.
Following was the error shown in the pod logs, common to both opal-client and opal-server:
Traceback (most recent call last):
File "/usr/local/bin/gunicorn", line 33, in <module>
sys.exit(load_entry_point('gunicorn==20.1.0', 'console_scripts', 'gunicorn')())
File "/usr/local/bin/gunicorn", line 22, in importlib_load_entry_point
for entry_point in distribution(dist_name).entry_points
File "/usr/local/lib/python3.8/importlib/metadata.py", line 503, in distribution
return Distribution.from_name(distribution_name)
File "/usr/local/lib/python3.8/importlib/metadata.py", line 177, in from_name
raise PackageNotFoundError(name)
importlib.metadata.PackageNotFoundError: gunicorn
Switching the docker repository from authorizon to permitio, and changing the version to 0.3.1 did the trick.
The docker images pulled from authorizon repository (version: 0.1.18) were not getting initialised properly when container's securityContext was set to run as nonRoot user -
This is required when the pod security policy in kubernetes enforces containers to run with non root user.
Following was the error shown in the pod logs, common to both opal-client and opal-server:
Switching the docker repository from
authorizontopermitio, and changing the version to0.3.1did the trick.