Pod stuck in CrashLoopBackOff when trying to bind a port lower than 1024 even with CAP_NET_BIND_SERVICE

Solution Verified - Updated -

Issue

  • By default, unprivileged pods can't bind any port lower than 1024, which causes them to enter CrashLoopBackOff.
  • Adding the NET_BIND_SERVICE capability to the container doesn't have any effect, and the application still fails to bind any port lower than 1024.
  • How to bind any port on unprivileged pods?

Environment

Red Hat OpenShift Container Platform 4.8+
