Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
[CONSUL] Make consul run as non-root
[oom.git] / kubernetes / consul / charts / consul-server / templates / statefulset.yaml
diff --git a/kubernetes/consul/charts/consul-server/templates/statefulset.yaml b/kubernetes/consul/charts/consul-server/templates/statefulset.yaml
index 02263ee..872ef13 100644 (file)
--- a/kubernetes/consul/charts/consul-server/templates/statefulset.yaml
+++ b/kubernetes/consul/charts/consul-server/templates/statefulset.yaml
@@ -42,6 +42,9 @@ spec:
       containers:
       - name: {{ include "common.name" . }}
         image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+        securityContext:
+          runAsUser: {{ .Values.securityContext.runAsUser }}
+          runAsGroup: {{ .Values.securityContext.runAsGroup }}
         command: ["/usr/local/bin/docker-entrypoint.sh"]
         args:
         - "agent"
@@ -70,3 +73,4 @@ spec:
             port: {{ .Values.service.internalPort }}
           initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
           periodSeconds: {{ .Values.readiness.periodSeconds }}
+        resources: {{ include "common.resources" . | nindent 10 }}
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).