Search Options

Results per page
Sort
Preferred Languages
Advance

Results 101 - 110 of 120 for securityContext (0.15 sec)

  1. istioctl/pkg/describe/describe.go

    		// Ref: https://istio.io/latest/docs/ops/deployment/requirements/#pod-requirements
    		if container.Name != "istio-proxy" && container.Name != "istio-operator" {
    			if container.SecurityContext != nil && container.SecurityContext.RunAsUser != nil {
    				if *container.SecurityContext.RunAsUser == UserID {
    					fmt.Fprintf(writer, "WARNING: User ID (UID) 1337 is reserved for the sidecar proxy.\n")
    				}
    			}
    		}
    	}
    
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Thu Oct 24 17:36:49 UTC 2024
    - 50.6K bytes
    - Viewed (0)
  2. architecture/environments/operator.md

    serviceAnnotations | [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/)
    securityContext | [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod)
    
    These K8s setting are available for each component under the `k8s` field, for example:
    
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Mon Jul 29 21:11:35 UTC 2024
    - 13.2K bytes
    - Viewed (0)
  3. common/scripts/metallb-native.yaml

                path: /metrics
                port: monitoring
              initialDelaySeconds: 1
              periodSeconds: 1
              successThreshold: 1
              timeoutSeconds: 1
            securityContext:
              allowPrivilegeEscalation: false
              capabilities:
                drop:
                - all
              readOnlyRootFilesystem: true
            volumeMounts:
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Fri Feb 23 23:56:31 UTC 2024
    - 63.9K bytes
    - Viewed (0)
  4. CHANGELOG/CHANGELOG-1.25.md

    PodSecurity `restricted` level no longer requires pods that set .spec.os.name="windows" to also set Linux-specific securityContext fields. If a 1.25+ cluster has unsupported [out-of-skew](https://kubernetes.io/releases/version-skew-policy/#kubelet) nodes prior to v1.23 and wants to ensure namespaces enforcing the `restricted` policy continue to require Linux-specific securityContext fields on all pods, ensure a version of the `restricted` prior to v1.25 is selected by labeling the namespace (for...
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Mon May 06 09:23:20 UTC 2024
    - 419.1K bytes
    - Viewed (0)
  5. CHANGELOG/CHANGELOG-1.29.md

    - Added `UserNamespacesPodSecurityStandards` feature gate to enable user namespace support for Pod Security Standards.
      Enabling this feature will modify all Pod Security Standard rules to allow setting: `spec[.*].securityContext.[runAsNonRoot,runAsUser]`.
      This feature gate should only be enabled if all nodes in the cluster support the user namespace feature and have it enabled.
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Wed Oct 23 04:37:31 UTC 2024
    - 375.1K bytes
    - Viewed (1)
  6. CHANGELOG/CHANGELOG-1.31.md

    - Fixed the documentation for the default value of the `procMount` entry in `securityContext` within a Pod.
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Wed Oct 23 12:18:32 UTC 2024
    - 315.4K bytes
    - Viewed (0)
  7. CHANGELOG/CHANGELOG-1.10.md

    * Set fsGroup by securityContext.fsGroup in azure file. However,f user both sets gid=xxx in mountOptions in azure storage class and securityContext.fsGroup, gid=xxx setting in mountOptions takes precedence. ([#58316](https://github.com/kubernetes/kubernetes/pull/58316), [@andyzhangx](https://github.com/andyzhangx))
    
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu May 05 13:44:43 UTC 2022
    - 341.8K bytes
    - Viewed (0)
  8. CHANGELOG/CHANGELOG-1.22.md

    - Added new kubelet alpha feature `SeccompDefault`. This feature enables falling back to
      the `RuntimeDefault` (former `runtime/default`) seccomp profile if nothing else is specified
      in the pod/container `SecurityContext` or the pod annotation level. To use the feature, enable
      the feature gate as well as set the kubelet configuration option `SeccompDefault`
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Tue Dec 13 12:43:45 UTC 2022
    - 454.1K bytes
    - Viewed (0)
  9. CHANGELOG/CHANGELOG-1.14.md

    * The `spec.SecurityContext.Sysctls` field is now dropped during creation of `Pod` objects unless the `Sysctls` feature gate is enabled. ([#72752](https://github.com/kubernetes/kubernetes/pull/72752), [@rajathagasthya](https://github.com/rajathagasthya))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Mon Jun 14 22:06:39 UTC 2021
    - 271.5K bytes
    - Viewed (0)
  10. CHANGELOG/CHANGELOG-1.30.md

    - AppArmor profiles can now be configured through fields on the `PodSecurityContext` and container `SecurityContext`. The beta AppArmor annotations are deprecated, and AppArmor status is no longer included in the node ready condition. ([#123435](https://github.com/kubernetes/kubernetes/pull/123435), [@tallclair](https://github.com/tallclair))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Wed Oct 23 04:40:14 UTC 2024
    - 309.1K bytes
    - Viewed (0)
Back to top