More sec stuff
This commit is contained in:
parent
07c7253447
commit
2f4eacb9ed
@ -34,7 +34,13 @@ spec:
|
|||||||
hasDns: "true"
|
hasDns: "true"
|
||||||
|
|
||||||
securityContext:
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
drop: [ALL]
|
||||||
|
add: [NET_BIND_SERVICE]
|
||||||
|
readOnlyRootFilesystem: true
|
||||||
|
runAsGroup: 0
|
||||||
runAsNonRoot: false
|
runAsNonRoot: false
|
||||||
|
runAsUser: 0
|
||||||
|
|
||||||
affinity:
|
affinity:
|
||||||
podAntiAffinity:
|
podAntiAffinity:
|
||||||
|
Loading…
Reference in New Issue
Block a user