Neo4j Docker image cannot run on Kubernetes as non-root user
In Kubernetes (K8S), various levels of security can be set that apply cluster-wide to Pods running containers. One of them is a policy that prevents containers within a Pod from being run as the root user (runAsNonRoot).
If this policy is set, but the Pod definition for your K8S cluster does not override the securityContext > runAsUser value, then when the neo4j container(s) are started you will see an error along the lines of:
Error: container has runAsNonRoot and image will run as root
To resolve this issue, make sure that your K8S cluster's Pod definition contains something similar to the following:
apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo
spec:
  securityContext:
    runAsUser: 1000
  # ....
runAsUser is the UID used to run the entrypoint of the container process, in this case Neo4j’s. The value is a high number chosen to avoid conflicts with the host’s user table.
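A pre-deployment check for the condition described above, as an added example that is not part of the original article, Neo4j, or Kubernetes: it resolves the effective runAsNonRoot and runAsUser for each container (container-level securityContext overrides Pod-level) and reports when the error quoted above would be expected. The function names, sample manifests, verdict strings other than the page's error message, and the assumption that the image declares no USER are illustrative.

```python
# Added example, not Neo4j or Kubernetes code. Names, sample manifests and the
# verdict strings (other than the page's error message) are constructed.
ROOT_ERROR = "container has runAsNonRoot and image will run as root"  # from the page


def effective(pod_sc, ctr_sc, key):
    """A container-level securityContext field overrides the Pod-level one."""
    return ctr_sc[key] if key in ctr_sc else pod_sc.get(key)


def check_pod(manifest, image_users):
    """Return {container name: verdict}. image_users maps image -> USER from the
    image config; '' or a missing entry means no USER, i.e. UID 0."""
    spec = manifest["spec"]
    pod_sc = spec.get("securityContext") or {}
    verdicts = {}
    for ctr in spec.get("containers", []):
        ctr_sc = ctr.get("securityContext") or {}
        run_as = effective(pod_sc, ctr_sc, "runAsUser")
        image_user = str(image_users.get(ctr["image"], "")).split(":")[0]
        if not effective(pod_sc, ctr_sc, "runAsNonRoot"):
            verdict = "ok: runAsNonRoot not enforced"
        elif run_as is not None:  # explicit UID wins over the image's USER
            verdict = "ok" if run_as != 0 else "rejected: runAsUser is 0"
        elif image_user == "" or image_user.isdigit():
            verdict = ROOT_ERROR if int(image_user or 0) == 0 else "ok"
        else:  # a user name cannot be proven non-root without resolving it
            verdict = "rejected: non-numeric image user cannot be verified"
        verdicts[ctr["name"]] = verdict
    return verdicts


def pod(pod_sc, ctr_sc=None):
    """Build a constructed single-container Pod manifest for the demo."""
    ctr = {"name": "neo4j", "image": "neo4j"}
    if ctr_sc is not None:
        ctr["securityContext"] = ctr_sc
    return {"apiVersion": "v1", "kind": "Pod",
            "metadata": {"name": "security-context-demo"},
            "spec": {"securityContext": pod_sc, "containers": [ctr]}}


if __name__ == "__main__":
    images = {"neo4j": ""}  # assumption: the image config declares no USER
    for pod_sc, ctr_sc in [({"runAsNonRoot": True}, None),
                           ({"runAsNonRoot": True, "runAsUser": 1000}, None),
                           ({"runAsNonRoot": True, "runAsUser": 1000}, {"runAsUser": 0})]:
        print(pod_sc, ctr_sc, "->", check_pod(pod(pod_sc, ctr_sc), images))
```

The third case shows that a container-level runAsUser of 0 undoes the Pod-level fix, so the check has to be made per container rather than per Pod.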