如何获得[1002120000，1002129999]范围内的UID：GID以使其在OpenShift中运行？

这是OpenShift容器平台4.3。

考虑此Dockerfile。

FROM eclipse-mosquitto

# Create folders
USER root

RUN mkdir -p /mosquitto/data /mosquitto/log

# mosquitto configuration
USER mosquitto

# This is crucial to me
COPY --chown=mosquitto:mosquitto ri45.conf /mosquitto/config/mosquitto.conf

EXPOSE 1883

而且，这是我的Deployment YAML。

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto-broker
spec:
  selector:
    matchLabels:
      app: mosquitto-broker
  template:
    metadata:
      labels:
        app: mosquitto-broker
    spec:
      containers:
        - name: mosquitto-broker
          image: org/repo/eclipse-mosquitto:1.0.1
          imagePullPolicy: Always
          resources:
            limits:
              memory: "128Mi"
              cpu: "500m"
          volumeMounts:
            - name: mosquitto-data
              mountPath: /mosquitto/data
            - name: mosquitto-log
              mountPath: /mosquitto/log
          ports:
            - name: mqtt
              containerPort: 1883
      volumes:
        - name: mosquitto-log
          persistentVolumeClaim:
            claimName: mosquitto-log
        - name: mosquitto-data
          persistentVolumeClaim:
            claimName: mosquitto-data

当我使用上述YAML进行oc create -f时，出现此错误，2020-06-02T07:59:59: Error: Unable to open log file /mosquitto/log/mosquitto.log for writing. 也许这是权限错误；无法分辨。无论如何，通过eclipse/mosquitto Dockerfile，我看到eclipse/mosquitto是UID和GID为Dockerfile的用户。因此，我按照mosquitto的说明添加了1883。

securityContext

[当我使用此修改执行here时，出现此错误-securityContext: fsGroup: 1883 。

此oc create -f设置音量许可对我不起作用，因为我必须是securityContext.securityContext.runAsUser: Invalid value: 1883: must be in the ranges: [1002120000, 1002129999]才能这样做。

所以，如何使Eclipse mosquitto容器成功写入approach of adding an initContainer？

这是OpenShift容器平台4.3。考虑这个Dockerfile。 FROM eclipse-mosquitto＃创建文件夹用户root RUN mkdir -p / mosquitto / data / mosquitto / log＃mosquitto配置...