Please, answer some short questions which should help us to understand your problem / question better?
- Which image of the operator are you using? registry.opensource.zalan.do/acid/postgres-operator:v1.7.0
- Where do you run it - cloud or metal? Bare Metal K8s
- Are you running Postgres Operator in production? yes
- Type of issue? [Feature request]
We are succesfully using the postgres-operator in production for basic postgresql instances, but we are unable to use the connection pooler feature.
We are enforcing security using PSP which prevent users to run pods with privileged rights aka runAsNonRoot: true
pg bouncer is not starting with a CreateContainerConfigError and the describe of the created pod shows us
Error: container has runAsNonRoot and image has non-numeric user (pgbouncer), cannot verify user is non-root
Looking at the manifest generated, it occur that it lacks of securityContext information.
It would be great the it could be defined in the manifest (or defined by default by the operator)
Please, answer some short questions which should help us to understand your problem / question better?
We are succesfully using the postgres-operator in production for basic postgresql instances, but we are unable to use the connection pooler feature.
We are enforcing security using PSP which prevent users to run pods with privileged rights aka runAsNonRoot: true
pg bouncer is not starting with a
CreateContainerConfigErrorand the describe of the created pod shows usError: container has runAsNonRoot and image has non-numeric user (pgbouncer), cannot verify user is non-rootLooking at the manifest generated, it occur that it lacks of securityContext information.
It would be great the it could be defined in the manifest (or defined by default by the operator)