The Velero vgdp-micro-service feature no longer requires privileged mode nor root user, if the user doesn't need PodVolumeBackup/PodVolumeRestore. Unfortunately, OADP users are not able to make this configuration change because the customizeNodeAgentDaemonset function in nodeagent.go hardcodes the node-agent daemonset to use root and privileged.
The Fusion Backup & Restore team would like to make this a configurable option.