Running container on Docker based platform as non-root user

You can built and deploy the TIBCO BusinessWorks™ Container Edition application on Docker based platform as a non-root user.

Note: The BWCE applications use non-root user for running BWCE containers. The non-root users are now the default users.

Prerequisites

Ensure that you have set up Docker based platform to build and deploy an application.

Procedure

  1. Relax the security at OpenShift level by granting all the authenticated users access to the anyuid SCC (Security Context Constraints ). 
    oc adm policy add-scc-to-group anyuid system:authenticated
  2. Create a user in the Dockerfile with a known user ids (UID) and group ids (GID), and run the container by using the same user. When adding UID or GID to Dockerfile, ensure that the UID or GID is not reserved and used in the base image.
    Note: While granting anyuid SCC, ensure that the USER is defined in the Dockerfile. Otherwise, Openshift allows images to run as root user.