From 250064bdcbe778b3cc245df843d14dd19cbb8772 Mon Sep 17 00:00:00 2001
From: Sebastian Wagner <sewagner@redhat.com>
Date: Tue, 20 Jul 2021 16:09:57 +0200
Subject: [PATCH] cephadm: haproxy 2.4 defaults to a different container user.

Another alternative would be to investigage a different setup
leverageing `--sysctl net.ipv4.ip_unprivileged_port_start=0`,
but that would be a larger PR.

Fixes: https://tracker.ceph.com/issues/51355

Signed-off-by: Sebastian Wagner <sewagner@redhat.com>
---
 src/cephadm/cephadm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/cephadm/cephadm b/src/cephadm/cephadm
index 385d7500e334..a1ba24873241 100755
--- a/src/cephadm/cephadm
+++ b/src/cephadm/cephadm
@@ -2488,6 +2488,7 @@ def get_container(ctx: CephadmContext,
         envs.extend(NFSGanesha.get_container_envs())
     elif daemon_type == HAproxy.daemon_type:
         name = '%s.%s' % (daemon_type, daemon_id)
+        container_args.extend(['--user=root'])  # haproxy 2.4 defaults to a different user
     elif daemon_type == Keepalived.daemon_type:
         name = '%s.%s' % (daemon_type, daemon_id)
         envs.extend(Keepalived.get_container_envs())
-- 
2.47.3