Difference between revisions of "Configure a Security Context for a Pod or Container"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
* https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | * https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | ||
| − | + | ||
| − | apiVersion: v1 | + | apiVersion: v1 |
| − | kind: Pod | + | [[kind: Pod]] |
| − | metadata: | + | metadata: |
| − | + | name: security-context-demo | |
| − | spec: | + | spec: |
| − | + | securityContext: | |
| − | + | runAsUser: 1000 | |
| − | + | runAsGroup: 3000 | |
| − | + | fsGroup: 2000 | |
| − | + | volumes: | |
| − | + | - name: sec-ctx-vol | |
| − | + | emptyDir: {} | |
| − | + | containers: | |
| − | + | - name: sec-ctx-demo | |
| − | + | image: busybox:1.28 | |
| − | + | command: [ "sh", "-c", "sleep 1h" ] | |
| − | + | volumeMounts: | |
| − | + | - name: sec-ctx-vol | |
| − | + | mountPath: /data/demo | |
| − | + | securityContext: | |
| − | + | allowPrivilegeEscalation: false | |
| − | |||
Revision as of 09:12, 21 May 2024
apiVersion: v1 kind: Pod metadata: name: security-context-demo spec: securityContext: runAsUser: 1000 runAsGroup: 3000 fsGroup: 2000 volumes: - name: sec-ctx-vol emptyDir: {} containers: - name: sec-ctx-demo image: busybox:1.28 command: [ "sh", "-c", "sleep 1h" ] volumeMounts: - name: sec-ctx-vol mountPath: /data/demo securityContext: allowPrivilegeEscalation: false
See also
Advertising:
