6. Kubernetes: SecurityContexts

preview_player
Показать описание
## sudo useradd -u 5000 user-5000

## sudo groupadd -g 6000 group-6000

***** Example:01 *****
apiVersion: v1
kind: Pod
metadata:
name: security-context-demo
spec:
securityContext:
runAsUser: 5000
fsGroup: 6000
volumes:
- name: sec-ctx-vol
emptyDir: {}
containers:
- name: sec-ctx-demo
image: busybox
command: [ "sh", "-c", "sleep 1h" ]
volumeMounts:
- name: sec-ctx-vol
mountPath: /data/demo

## kubectl get pods

## kubectl exec -it security-context-demo -- sh

## ps
## cd data/demo
## ls -l

***** Example:02 *****

apiVersion: v1
kind: Pod
metadata:
name: my-alpine-pod
spec:
containers:
- name: my-alpine-container
image: alpine
command: ["/bin/sleep", "999999"]

## kubectl exec -it my-alpine-pod -- sh
## date +%T -s "11:14:00"

## ls -la
## chown 5000:6000 bin

***** Example:03 *****
apiVersion: v1
kind: Pod
metadata:
name: my-alpine-cap-pod
spec:
containers:
- name: my-alpine-cap-container
image: alpine
command: ["/bin/sleep", "999999"]
securityContext:
capabilities:
add:
- SYS_TIME
drop:
- CHOWN

## kubectl exec -it my-alpine-cap-pod -- sh
## date +%T -s "11:14:00"

## ls -la
## chown 5000:6000 bin
  1. iMustLearn
Рекомендации по теме
6. Kubernetes: SecurityContexts 0:06:09

6. Kubernetes: SecurityContexts

Kubernetes Security - 0:14:47

Kubernetes Security - Security Contexts | How to use them to make your Containers and Pods secure

11 SecurityContext in 0:16:45

11 SecurityContext in Kubernetes

Kubernetes Security Best 0:29:41

Kubernetes Security Best Practices you need to know | THE Guide for securing your K8s cluster!

How to Add 0:15:11

How to Add Kubernetes Security Contexts into Pod/Container?

Kubernetes Security - 0:23:01

Kubernetes Security - Security Context for a Pod or Container - 13

Kubernetes Security Context 0:09:56

Kubernetes Security Context | Kubernetes For Beginners

Checking Pod Security 0:06:45

Checking Pod Security on Kubernetes with the Open Source PSA Checker

Kubernetes Security - 0:17:09

Kubernetes Security - Pod Security Standards | How to use them to enforce security contexts

Kubernetes Configuration (CKAD): 0:17:38

Kubernetes Configuration (CKAD): ConfigMaps, Secrets, SecurityContext, Resource Req, ServiceAccounts

Kubernetes Security, Part 1:38:01

Kubernetes Security, Part 2: Managing POD Run Time Security

Setting Up Pod 0:27:20

Setting Up Pod Security Policies in Kubernetes

Securing Kubernetes: Best 0:30:00

Securing Kubernetes: Best practices and effective strategies

kubernetes-context-change 0:00:29

kubernetes-context-change

Security Context in 0:21:14

Security Context in Kubernetes: A Step-by-Step Demo | Kubernetes Tutorials in Hindi

Kubernetes Pod Spec: 0:20:40

Kubernetes Pod Spec: Better Defaults & Security

The Ultimate Guide 0:06:39

The Ultimate Guide to Securing Kubernetes with AppArmor

Kubernetes Security - 0:24:06

Kubernetes Security - Restrict access to Kubernetes API - 6

Kubernetes CKAD Tips 0:10:48

Kubernetes CKAD Tips 6 - Kubectl Config

Securing k8s Pods 0:06:51

Securing k8s Pods In Production

Kubernetes for Developers 0:02:31

Kubernetes for Developers Certification and Training (LFD259)

Detecting misconfigurations in 0:06:56

Detecting misconfigurations in Kubernetes YAML in CI/CD

Kubernetes Exposed! Seven 0:28:32

Kubernetes Exposed! Seven of Nine Hidden Secrets That Will Give You... Ian Coldwater & Brad Gees...

Kubernetes Tutorial For 0:17:50

Kubernetes Tutorial For Beginners | Kubernetes Secrets