Service Configuration for Containers

[hektor1966]

Is your feature request related to a problem? Please describe.

For security reasons we would like to configure the containers so that they do not run under root context. This is not possible for the studio-client and overview at the moment. The containers run with port 80, the port must be able to be changed, so that the processes can run in the user context. This is of course possible when building the image, but the service for the container is currently not configurable. There we must be able to adjust the port, e.g. 8080. The ingress must then also be configurable accordingly.

Describe the solution you'd like Possibility of configurability of service and ingress of the Coremedia composites. A description of how to implement this and/or possible adaptation of the operator

[stefanbethke]

The challenge here is the use of the default nginx image, which does not allow a simple way to run nginx as a non-root user on a port different from 8080. Either users of the operator need to supply their own customized nginx image, or a suitable image must be identified.

[stefanbethke]

What would be necessary:

• For overview, create a configMap containing either the correct nginx.conf, or a suitable nginx.conf.template, plus appropriate environment variables to set the correct uid/gid and port number
• For both overview and studio-client, a way to configure the uid, gid, and port number to use.