Setup securityContext inside kubernetes deployment

kubernetes kubernetes-pod kubernetes-security kubernetes-deployment

You can use the securityContext in Deployment in the same way you use it inside Pod.

Like it was already suggested by placing it under template.spec:

apiVersion: apps/v1kind: Deploymentmetadata:  name: test-deployment  labels:    app: testspec:  replicas: 3  selector:    matchLabels:      app: test  template:    metadata:      labels:        app: test    spec:      securityContext:          runAsUser: 2000          runAsGroup: 3000          fsGroup: 2000      containers:      - name: test        image: busybox        ports:        - containerPort: 80        command: [ "sh", "-c", "sleep 1h" ]

And you can test it:

$ kubectl exec -it test-deployment-54d954d7f-2b582  sh/ $ psPID   USER     TIME  COMMAND    1 2000      0:00 sleep 1h    6 2000      0:00 sh   11 2000      0:00 ps/ $ whoamiwhoami: unknown uid 200

CodeHunter

Setup securityContext inside kubernetes deployment

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last