Skip to content
Snippets Groups Projects
Unverified Commit c38fb866 authored by Kenichi Omichi's avatar Kenichi Omichi Committed by GitHub
Browse files

Update securityContext of netchecker (#9398)

To run netchecker with necessary privilege,
this updates the securityContext.
parent 5ad1d9db
No related branches found
No related tags found
No related merge requests found
......@@ -32,8 +32,14 @@ spec:
cpu: {{ netchecker_server_cpu_requests }}
memory: {{ netchecker_server_memory_requests }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ['ALL']
runAsUser: {{ netchecker_server_user | default('0') }}
runAsGroup: {{ netchecker_server_group | default('0') }}
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
ports:
- containerPort: 8081
args:
......@@ -63,8 +69,14 @@ spec:
cpu: {{ netchecker_etcd_cpu_requests }}
memory: {{ netchecker_etcd_memory_requests }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ['ALL']
runAsUser: {{ netchecker_server_user | default('0') }}
runAsGroup: {{ netchecker_server_group | default('0') }}
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
tolerations:
- effect: NoSchedule
operator: Exists
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment