[bug] Not able to run on FIPS worker node
Summary
I'm finding that this image doesn't boot up on FIPS enabled worker nodes.
I have a node app that uses this base image. The container starts as expected on a standard EKS upstream AMI. When I use a hardened EKS AMI, namely enabling FIPS mode I believe, the container crashes with a single error message Illegal instruction
I'll mention that I've found this is specifically with these Ironbank nodeJS images. My current app uses nodejs16-slim
image, and the app boots fine. If I try to use the nodejs16
(non-slim) image, the application crashes with the same error.
Part of this issue could also be requesting a nodejs20-slim
image to be produced, which would be preferable anyways, and would mitigate my issue.
Steps to reproduce
- Enable fips mode on k8s worker node
- Try to docker run this container (may need to run a nodejs app, can share more details if needed)
What is the current bug behavior?
Container crashes before starting with Illegal instruction
error message.
What is the expected correct behavior?
Node application startup
Relevant logs and/or screenshots
(Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's very hard to read otherwise.)
Possible fixes
(If you can, link to the line of code that might be responsible for the problem)
Tasks
-
Bug has been identified and corrected within the container
Please read the Iron Bank Documentation for more info