aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/mariadb-galera/values.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/mariadb-galera/values.yaml')
-rw-r--r--kubernetes/common/mariadb-galera/values.yaml18
1 files changed, 17 insertions, 1 deletions
diff --git a/kubernetes/common/mariadb-galera/values.yaml b/kubernetes/common/mariadb-galera/values.yaml
index 47264f971c..faab7af1b3 100644
--- a/kubernetes/common/mariadb-galera/values.yaml
+++ b/kubernetes/common/mariadb-galera/values.yaml
@@ -217,10 +217,13 @@ serviceAccount:
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
- enabled: true
user_id: 10001
group_id: 10001
+# Old Bitnami Chart does not work without Filesystem access
+containerSecurityContext:
+ readOnlyFileSystem: false
+
## Database credentials for root (admin) user
##
rootUser:
@@ -659,6 +662,19 @@ metrics:
## - --collect.binlog_size
##
extraFlags: []
+ securityContext:
+ readOnlyRootFilesystem: true
+ privileged: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ - CAP_NET_RAW
+ runAsGroup: 10001
+ runAsNonRoot: true
+ runAsUser: 10001
+ seccompProfile:
+ type: RuntimeDefault
## MySQL Prometheus exporter containers' resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##