- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 187 for SeccompProfile (0.39 sec)
-
hack/testdata/pod-restricted-localhost.yaml
apiVersion: v1 kind: Pod metadata: labels: run: target name: target spec: securityContext: seccompProfile: type: Localhost localhostProfile: dummy.json containers: - image: busybox name: target command: ["/bin/sh", "-c", "sleep 100"] securityContext: runAsUser: 1000 runAsGroup: 1000 runAsNonRoot: true allowPrivilegeEscalation: false
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 24 11:16:49 UTC 2023 - 467 bytes - Viewed (0) -
staging/src/k8s.io/api/core/v1/annotation_key_constants.go
// to all containers of a pod. // Deprecated: set a pod security context `seccompProfile` field. SeccompPodAnnotationKey string = "seccomp.security.alpha.kubernetes.io/pod" // SeccompContainerAnnotationKeyPrefix represents the key of a seccomp profile applied // to one container of a pod. // Deprecated: set a container security context `seccompProfile` field.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:31 UTC 2024 - 8.6K bytes - Viewed (0) -
pkg/apis/core/annotation_key_constants.go
// to all containers of a pod. // Deprecated: set a pod security context `seccompProfile` field. SeccompPodAnnotationKey string = "seccomp.security.alpha.kubernetes.io/pod" // SeccompContainerAnnotationKeyPrefix represents the key of a seccomp profile applied // to one container of a pod. // Deprecated: set a container security context `seccompProfile` field.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:31 UTC 2024 - 8.7K bytes - Viewed (0) -
manifests/charts/istio-cni/templates/daemonset.yaml
# There does not appear to be a more granular capability for this. - SYS_ADMIN {{- if .Values.cni.seccompProfile }} seccompProfile: {{ toYaml .Values.cni.seccompProfile | trim | indent 14 }} {{- end }} command: ["install-cni"] args: {{- if .Values.global.logging.level }}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 17 21:52:29 UTC 2024 - 7.9K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/templates/deployment.yaml
readOnlyRootFilesystem: true runAsNonRoot: true capabilities: drop: - ALL {{- if .Values.pilot.seccompProfile }} seccompProfile: {{ toYaml .Values.pilot.seccompProfile | trim | indent 14 }} {{- end }} volumeMounts: - name: istio-token mountPath: /var/run/secrets/tokens readOnly: true
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 30 20:24:06 UTC 2024 - 9K bytes - Viewed (0) -
cluster/gce/manifests/kube-scheduler.manifest
"kind": "Pod", "metadata": { "name":"kube-scheduler", "namespace": "kube-system", "labels": { "tier": "control-plane", "component": "kube-scheduler" } }, "spec":{ "securityContext": { "seccompProfile": { "type": "RuntimeDefault" }, "runAsUser": {{runAsUser}}, "runAsGroup": {{runAsGroup}} }, "priorityClassName": "system-node-critical", "priority": 2000001000, "hostNetwork": true,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jun 14 20:50:53 UTC 2021 - 1.8K bytes - Viewed (0) -
cluster/addons/cluster-loadbalancing/glbc/default-svc-controller.yaml
spec: selector: matchLabels: k8s-app: glbc template: metadata: labels: k8s-app: glbc name: glbc spec: securityContext: seccompProfile: type: RuntimeDefault containers: - name: default-http-backend # Any image is permissible as long as: # 1. It serves a 404 page at /
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 31 14:16:53 UTC 2022 - 1.1K bytes - Viewed (0) -
cluster/gce/manifests/kube-addon-manager.yaml
apiVersion: v1 kind: Pod metadata: name: kube-addon-manager namespace: kube-system labels: component: kube-addon-manager spec: securityContext: seccompProfile: type: RuntimeDefault runAsUser: {{runAsUser}} runAsGroup: {{runAsGroup}} priorityClassName: system-node-critical priority: 2000001000 hostNetwork: true containers: - name: kube-addon-manager securityContext:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jun 21 03:09:15 UTC 2023 - 1.6K bytes - Viewed (0) -
manifests/charts/istio-operator/values.yaml
resources: limits: cpu: 200m memory: 256Mi requests: cpu: 50m memory: 128Mi # Set to `type: RuntimeDefault` to use the default profile if available. seccompProfile: {} # Node labels for pod assignment nodeSelector: {} # Tolerations for pod assignment tolerations: [] # Affinity for pod assignment affinity: {}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 10 05:10:03 UTC 2024 - 1.4K bytes - Viewed (0) -
cluster/gce/manifests/konnectivity-server.yaml
kind: Pod metadata: name: konnectivity-server namespace: kube-system component: konnectivity-server spec: securityContext: {{ run_as_user }} {{ run_as_group }} {{ supplemental_groups }} seccompProfile: type: RuntimeDefault priorityClassName: system-node-critical priority: 2000001000 hostNetwork: true containers: - name: konnectivity-server-container {{ container_security_context }}:
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 23 10:31:11 UTC 2024 - 1.8K bytes - Viewed (0)