By default, Polyaxon operations run without a security context, and pods run as root.
Sometimes you might even need to run pods with privileged security, for examples the
If you need to configure a security context for your jobs and services, you can use the environment.SecurityContext section:
runPatch: environment: securityContext: runAsUser: 2222 runAsGroup: 2222 runAsNonRoot: true
By saving this preset as
security-context, users can now use this section in their jobs or services automatically:
polyaxon run ... --presets=security-context
You can also use the preset directly on the component or operation definition:
kind: operation presets: [security-context] ...
Managers and Admins of Polyaxon organizations and projects can set the security context directly as the default preset.
Setting the organization’s default preset:
Setting a project’s default preset: