How to logon as non-root user in Kubernetes pod/container

You can use su - <USERNAME> to login as a non-root user.

Run cat /etc/passwd to get a list of all available users then identify a user with a valid shell compiler e.g

/bin/bash or /bin/sh

Users with /bin/nologin and /bin/false as the set compiler are used by system processes and as such you can't log in as them.

I think its because the container user is root, that is why when you kubectl exec into it, the default user is root. If you run your container or pod with non root then kubectl exec will not be root.

In most cases, there is only one process that runs in a Docker container inside a Kubernetes Pod. There are no other processes that can provide authentication or authorization features. You can try to run a wrapper with several nested processes in one container, but this way you spoil the containerization idea to run an immutable application code with minimum overhead.

kubectl exec runs another process in the same container environment with the main process, and there is no option to set the user ID for this process.

However, you can do it by using docker exec with the additional option:

--user , -u    Username or UID (format: <name|uid>[:<group|gid>])

In any case, these two articles might be helpful for you to run IBM MQ in Kubernetes cluster

• Availability and scalability of IBM MQ in containers

• Administering Kubernetes