Drop capabilities in Kubernetes DaemonSet example
This commit is contained in:
parent
1a411b658b
commit
be0dbd62c1
2 changed files with 11 additions and 2 deletions
|
@ -121,6 +121,7 @@ spec:
|
|||
args:
|
||||
- --api
|
||||
- --kubernetes
|
||||
- --logLevel=INFO
|
||||
---
|
||||
kind: Service
|
||||
apiVersion: v1
|
||||
|
@ -182,7 +183,11 @@ spec:
|
|||
- name: admin
|
||||
containerPort: 8080
|
||||
securityContext:
|
||||
privileged: true
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
add:
|
||||
- NET_BIND_SERVICE
|
||||
args:
|
||||
- --api
|
||||
- --kubernetes
|
||||
|
|
|
@ -32,7 +32,11 @@ spec:
|
|||
- name: admin
|
||||
containerPort: 8080
|
||||
securityContext:
|
||||
privileged: true
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
add:
|
||||
- NET_BIND_SERVICE
|
||||
args:
|
||||
- --api
|
||||
- --kubernetes
|
||||
|
|
Loading…
Reference in a new issue