...

Info

https://v1-18.docs.kubernetes.io/blog/2016/08/security-best-practices-kubernetes-deployment/

| Security Context Setting | Description |
| --- | --- |
| SecurityContext->runAsNonRoot | Indicates that containers should run as non-root user |
| SecurityContext->Capabilities | Controls the Linux capabilities assigned to the container. |
| SecurityContext->readOnlyRootFilesystem | Controls whether a container will be able to write into the root filesystem. |
| PodSecurityContext->runAsNonRoot | Prevents running a container with 'root' user as part of the pod |
Code Block
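apiVersion: v1
kind: Pod
metadata:
  name: hello-world
spec:
  securityContext:
    runAsNonRoot: true               # PodSecurityContext: applies to every container in the pod
  containers:
  # specification of the pod's containers
  - name: hello-world                # placeholder container name
    # ...
    securityContext:
      readOnlyRootFilesystem: true   # container-level SecurityContext field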
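
An added example (not from the Kubernetes blog post or this page): a Python check that audits a parsed Pod manifest for the settings in the table, including the case where a container-only field such as readOnlyRootFilesystem is placed in the pod-level securityContext, where it is not applied. The sample manifests, container name, image and the drop-ALL capability policy are assumptions constructed for the example.

```python
# Added example: audit a Pod manifest, parsed to a dict (the shape of
# `kubectl get pod -o json`), for the settings listed in the table.
CONTAINER_ONLY = ("readOnlyRootFilesystem", "capabilities")

def audit_pod(pod):
    """Return {scope: [findings]}; an empty list means that scope passed."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = {"pod": []}
    # These fields exist only in a container's securityContext; the
    # PodSecurityContext has no such fields, so they are never applied there.
    for field in CONTAINER_ONLY:
        if field in pod_sc:
            findings["pod"].append(f"{field} set at pod level; move it to each container")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext") or {}
        out = findings.setdefault(c["name"], [])
        # A container-level runAsNonRoot overrides the pod-level value.
        if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):
            out.append("runAsNonRoot not enforced")
        if not sc.get("readOnlyRootFilesystem", False):
            out.append("root filesystem is writable")
        drops = (sc.get("capabilities") or {}).get("drop") or []
        if "ALL" not in drops:  # assumed policy for this example: drop everything
            out.append("capabilities not dropped")
    return findings

# Constructed sample manifests (container name and image are placeholders).
MISPLACED = {"spec": {
    "containers": [{"name": "hello", "image": "registry.example/hello:1"}],
    "securityContext": {"readOnlyRootFilesystem": True, "runAsNonRoot": True},
}}
HARDENED = {"spec": {
    "securityContext": {"runAsNonRoot": True},
    "containers": [{
        "name": "hello", "image": "registry.example/hello:1",
        "securityContext": {
            "readOnlyRootFilesystem": True,
            "capabilities": {"drop": ["ALL"]},
        },
    }],
}}

if __name__ == "__main__":
    for label, pod in (("misplaced", MISPLACED), ("hardened", HARDENED)):
        print(label, audit_pod(pod))
```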

...