April 2018
Intermediate to advanced
468 pages
14h 34m
English
A security context is a set of operating-system-level security settings, such as UID, gid, capabilities, and SELinux roles. These settings are applied at the container level as container security content. You can specify pod security context that will apply to all the containers in the pod. The pod security context can also apply its security settings (in particular, fsGroup and seLinuxOptions) to volumes.
Here is a sample pod security context:
apiVersion: v1
kind: Pod
metadata:
name: hello-world
spec:
containers:
...
securityContext:
fsGroup: 1234
supplementalGroups: [5678]
seLinuxOptions:
level: "s0:c123,c456"
The container security context is applied to each container, and it overrides the pod security context. ...
Read now
Unlock full access