Difference between revisions of "Spec.securityContext"

From wikieduonline
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 5: Line 5:
 
     [[runAsUser]]: 1000
 
     [[runAsUser]]: 1000
 
     [[runAsGroup]]: 3000
 
     [[runAsGroup]]: 3000
     fsGroup: 2000
+
     [[fsGroup]]: 2000
  
 
  [[spec:]]
 
  [[spec:]]
Line 23: Line 23:
 
* [[Kubernetes changelog]]:  [[AppArmor]] profiles can now be configured through fields on the <code>[[PodSecurityContext]]</code> and container <code>[[SecurityContext]]</code>
 
* [[Kubernetes changelog]]:  [[AppArmor]] profiles can now be configured through fields on the <code>[[PodSecurityContext]]</code> and container <code>[[SecurityContext]]</code>
 
* [[Configure a Security Context for a Pod or Container]]: <code>[[kind: Pod]]</code>
 
* [[Configure a Security Context for a Pod or Container]]: <code>[[kind: Pod]]</code>
* <code>[[USER:]]</code>
+
* <code>[[USER]]</code>
  
 
== See also ==
 
== See also ==

Latest revision as of 18:59, 27 October 2024

spec:
  securityContext:
    runAsUser: 1000
    runAsGroup: 3000
    fsGroup: 2000

spec:
 securityContext:
   runAsNonRoot: true


Examples[edit]

 apiVersion: v1
kind: Pod
metadata:
  name: security-context-demo
spec:
  securityContext:
    runAsUser: 1000
    runAsGroup: 3000
    fsGroup: 2000
  volumes:
  - name: sec-ctx-vol
    emptyDir: {}
  containers:
  - name: sec-ctx-demo
    image: busybox:1.28
    command: [ "sh", "-c", "sleep 1h" ]
    volumeMounts:
    - name: sec-ctx-vol
      mountPath: /data/demo
    securityContext:
      allowPrivilegeEscalation: false


Errors[edit]

Related[edit]

See also[edit]

Retrieved from "https://www.wikieduonline.com/index.php?title=Spec.securityContext&oldid=352889"

Advertising: