Hello,
Nomad: 1.2.3
When I add to nomad configuration caps SYS_ADMIN to docker, I get error on connect-proxy service.
client.hcl:
options = {
"driver.raw_exec.enable" = "true"
"docker.privileged.enabled" = "true"
"docker.volumes.enabled" = "true"
"docker.cleanup.image.delay" = "1h"
"docker.caps.allowlist" = "SYS_ADMIN"
}
part of job:
task "{{ app_name }}" {
driver = "docker"
config {
image = "{{ image_docker }}"
cap_add = ["SYS_ADMIN"]
devices = [
{
host_path = "/dev/fuse"
container_path = "/dev/fuse"
}
]
security_opt = [
"apparmor:unconfined",
]
}
Errors logs:
chown: changing ownership of '/dev/stdout': Operation not permitted
chown: changing ownership of '/dev/stderr': Operation not permitted
chown: changing ownership of '/dev/stdout': Operation not permitted
chown: changing ownership of '/dev/stderr': Operation not permitted
chown: changing ownership of '/dev/stdout': Operation not permitted
chown: changing ownership of '/dev/stderr': Operation not permitted
And I have no work connect-proxy.
Thanks…