LFD259 LAB 6.6 : what is the correct yaml to solve properly the issue at point 9?

jeanhugues

I have a question about points 8 and 9.
8. After finding the errors, log into the container and find the proper id of the nginx user.
9. Edit the yaml and re-create the pod such that the pod runs without error.

I found that nginx id is 101 with cat /etc/password
But when I edit the "runAsUser:" id in the yaml, nginx still does not work when I put user id 101.
I put it at the pod level.
I put it also at the container level :
containers:
- name: webguy
image: nginx
securityContext:
allowPrivilegeEscalation: false
runAsUser: 101 # nginx user

The only solution I found to solve the pod's issue is to put the id of the root user (id=0) but I guess I might have missed something.

My current yaml (sorry for formatting lost)
apiVersion: v1
kind: Pod
metadata:
name: securityreview
spec:
securityContext:
runAsUser: 0
containers:
- name: webguy
image: nginx
securityContext:
runAsUser: 0
The result
root@cp:~/# kubectl get po | egrep "NAM|secur"
NAME READY STATUS RESTARTS AGE
securityreview 1/1 Running 0 3m

My question is: what is the proper yaml to solve the pod's issue?