Skip to content

Commit 4b845db

Browse files
solssonsolsson
authored
Merge pull request #308 from Yolean/nonroot-kustomization
Kustomization at /nonroot to run Kafka and Zookeeper as 65532:65534
2 parents b3dcadf + d235393 commit 4b845db

File tree

7 files changed

+65
-9
lines changed

7 files changed

+65
-9
lines changed

nonroot/fsgroup-65534.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
- op: add
2+
path: /spec/template/spec/securityContext
3+
value:
4+
fsGroup: 65534

nonroot/kustomization.yaml

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
bases:
2+
- ../rbac-namespace-default
3+
- ../kafka
4+
- ../zookeeper
5+
patchesJson6902:
6+
- target:
7+
group: apps
8+
version: v1
9+
kind: StatefulSet
10+
name: kafka
11+
path: fsgroup-65534.yaml
12+
- target:
13+
group: apps
14+
version: v1
15+
kind: StatefulSet
16+
name: pzoo
17+
path: fsgroup-65534.yaml
18+
- target:
19+
group: apps
20+
version: v1
21+
kind: StatefulSet
22+
name: zoo
23+
path: fsgroup-65534.yaml
24+
# https://github.com/kubernetes-sigs/kustomize/issues/915#issuecomment-477808963
25+
patchesStrategicMerge:
26+
- nonroot-image-kafka.yaml
27+
- nonroot-image-zookeeper.yaml

nonroot/nonroot-image-kafka.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
apiVersion: apps/v1
2+
kind: StatefulSet
3+
metadata:
4+
name: kafka
5+
spec:
6+
template:
7+
spec:
8+
containers:
9+
- name: broker
10+
image: solsson/kafka:nonroot-2.4.0@sha256:b7dbda9f1941711239fbc3095ea49ba74715a9b2e2e8ce9185106c2e878c06aa

nonroot/nonroot-image-zookeeper.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
apiVersion: apps/v1
2+
kind: StatefulSet
3+
metadata:
4+
name: pzoo
5+
spec:
6+
template:
7+
spec:
8+
containers:
9+
- name: zookeeper
10+
image: solsson/kafka:nonroot-2.4.0@sha256:b7dbda9f1941711239fbc3095ea49ba74715a9b2e2e8ce9185106c2e878c06aa
11+
---
12+
apiVersion: apps/v1
13+
kind: StatefulSet
14+
metadata:
15+
name: zoo
16+
spec:
17+
template:
18+
spec:
19+
containers:
20+
- name: zookeeper
21+
image: solsson/kafka:nonroot-2.4.0@sha256:b7dbda9f1941711239fbc3095ea49ba74715a9b2e2e8ce9185106c2e878c06aa

variants/scale-1/kustomization.yaml

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,5 @@
11
bases:
2-
- ../../rbac-namespace-default
3-
- ../../kafka
4-
- ../../zookeeper
2+
- ../../nonroot
53
patchesStrategicMerge:
64
- kafka.yaml
75
- zookeeper.yaml

variants/scale-2/kustomization.yaml

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,5 @@
11
bases:
2-
- ../../rbac-namespace-default
3-
- ../../kafka
4-
- ../../zookeeper
2+
- ../../nonroot
53
patchesStrategicMerge:
64
- kafka.yaml
75
- zookeeper.yaml

variants/scale-3-5/kustomization.yaml

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,2 @@
11
bases:
2-
- ../../rbac-namespace-default
3-
- ../../kafka
4-
- ../../zookeeper
2+
- ../../nonroot

0 commit comments

Comments
 (0)