- Sort Score
- Result 10 results
- Languages All
Results 101 - 110 of 120 for securityContext (0.15 sec)
-
istioctl/pkg/describe/describe.go
// Ref: https://istio.io/latest/docs/ops/deployment/requirements/#pod-requirements if container.Name != "istio-proxy" && container.Name != "istio-operator" { if container.SecurityContext != nil && container.SecurityContext.RunAsUser != nil { if *container.SecurityContext.RunAsUser == UserID { fmt.Fprintf(writer, "WARNING: User ID (UID) 1337 is reserved for the sidecar proxy.\n") } } } }
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Oct 24 17:36:49 UTC 2024 - 50.6K bytes - Viewed (0) -
architecture/environments/operator.md
serviceAnnotations | [service annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) securityContext | [security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) These K8s setting are available for each component under the `k8s` field, for example:
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Jul 29 21:11:35 UTC 2024 - 13.2K bytes - Viewed (0) -
common/scripts/metallb-native.yaml
path: /metrics port: monitoring initialDelaySeconds: 1 periodSeconds: 1 successThreshold: 1 timeoutSeconds: 1 securityContext: allowPrivilegeEscalation: false capabilities: drop: - all readOnlyRootFilesystem: true volumeMounts:
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Fri Feb 23 23:56:31 UTC 2024 - 63.9K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.25.md
PodSecurity `restricted` level no longer requires pods that set .spec.os.name="windows" to also set Linux-specific securityContext fields. If a 1.25+ cluster has unsupported [out-of-skew](https://kubernetes.io/releases/version-skew-policy/#kubelet) nodes prior to v1.23 and wants to ensure namespaces enforcing the `restricted` policy continue to require Linux-specific securityContext fields on all pods, ensure a version of the `restricted` prior to v1.25 is selected by labeling the namespace (for...
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Mon May 06 09:23:20 UTC 2024 - 419.1K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.29.md
- Added `UserNamespacesPodSecurityStandards` feature gate to enable user namespace support for Pod Security Standards. Enabling this feature will modify all Pod Security Standard rules to allow setting: `spec[.*].securityContext.[runAsNonRoot,runAsUser]`. This feature gate should only be enabled if all nodes in the cluster support the user namespace feature and have it enabled.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Oct 23 04:37:31 UTC 2024 - 375.1K bytes - Viewed (1) -
CHANGELOG/CHANGELOG-1.31.md
- Fixed the documentation for the default value of the `procMount` entry in `securityContext` within a Pod.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Oct 23 12:18:32 UTC 2024 - 315.4K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.10.md
* Set fsGroup by securityContext.fsGroup in azure file. However,f user both sets gid=xxx in mountOptions in azure storage class and securityContext.fsGroup, gid=xxx setting in mountOptions takes precedence. ([#58316](https://github.com/kubernetes/kubernetes/pull/58316), [@andyzhangx](https://github.com/andyzhangx))
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Thu May 05 13:44:43 UTC 2022 - 341.8K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.22.md
- Added new kubelet alpha feature `SeccompDefault`. This feature enables falling back to the `RuntimeDefault` (former `runtime/default`) seccomp profile if nothing else is specified in the pod/container `SecurityContext` or the pod annotation level. To use the feature, enable the feature gate as well as set the kubelet configuration option `SeccompDefault`
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Tue Dec 13 12:43:45 UTC 2022 - 454.1K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.14.md
* The `spec.SecurityContext.Sysctls` field is now dropped during creation of `Pod` objects unless the `Sysctls` feature gate is enabled. ([#72752](https://github.com/kubernetes/kubernetes/pull/72752), [@rajathagasthya](https://github.com/rajathagasthya))
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Mon Jun 14 22:06:39 UTC 2021 - 271.5K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.30.md
- AppArmor profiles can now be configured through fields on the `PodSecurityContext` and container `SecurityContext`. The beta AppArmor annotations are deprecated, and AppArmor status is no longer included in the node ready condition. ([#123435](https://github.com/kubernetes/kubernetes/pull/123435), [@tallclair](https://github.com/tallclair))
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Oct 23 04:40:14 UTC 2024 - 309.1K bytes - Viewed (0)