-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fail to helm install keda http-add-on when override interceptor.proxy.port=80 #750
Comments
Unprivileged processes may or may not be able to bind to ports lower than 1024, depending on your cluster configuration and setup. Generally, it's enough to add |
@t0rr3sp3dr0 I tried your suggestion but it is falling with the same error - Below the POD describe with the addition of the security capability:
|
I'm not sure why you'd want to use port 80 with non-root UIDs... Containerd and Kubernetes 1.24 changed how that worked. I think Docker could use You might try using the sysctl way: securityContext:
sysctls:
- name: net.ipv4.ip_unprivileged_port_start
value: "80" |
Hello, |
Report
The versions I used are:
I install the keda http-add-on with the following command:
helm upgrade --install http-add-on kedacore/keda-add-ons-http --namespace k8s-plugins --set interceptor.replicas.waitTimeout=60s --set interceptor.proxy.port=80
As a result the keda-http-add-on failed to run - in the keda-add-ons-http-interceptor POD log I see:
{"level":"error","ts":1690903443.3099988,"caller":"interceptor/main.go:162","msg":"error with interceptor","error":"listen tcp 0.0.0.0:80: bind: permission denied","stacktrace":"main.main\n\tgithub.com/kedacore/http-add-on/interceptor/main.go:162\nruntime.main\n\truntime/proc.go:250"}
Expected Behavior
Overriding port to 80 instead of the default 8080 should work
Actual Behavior
keda-http-add-on proxy failed to run with the following error in the POD log:
{"level":"error","ts":1690903443.3099988,"caller":"interceptor/main.go:162","msg":"error with interceptor","error":"listen tcp 0.0.0.0:80: bind: permission denied","stacktrace":"main.main\n\tgithub.com/kedacore/http-add-on/interceptor/main.go:162\nruntime.main\n\truntime/proc.go:250"}
Steps to Reproduce the Problem
1.helm upgrade --install http-add-on kedacore/keda-add-ons-http --namespace --set interceptor.proxy.port=80
Logs from KEDA HTTP operator
HTTP Add-on Version
0.5.0
Kubernetes Version
1.24
Platform
Amazon Web Services
Anything else?
No response
The text was updated successfully, but these errors were encountered: