CozyFex
Posts Tags Categories English
CozyFex

Contents

Kubernetes AppArmor

CozyFex included in kubernetes k8s orchestration
   84 words   One minute 

AppArmor in Kubernetes

  • Kubernetes Version > 1.4
  • AppArmor Kernel Module Enabled
  • AppArmor Profile Loaded in the Kernel
  • Container Runtime should be Supported

Definition

AppArmor
container.apparmor.security.beta.kubernetes.io/<container-name>: localhost/<profile-name>
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21

apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: nginx
  name: nginx
  annotations:
    container.apparmor.security.beta.kubernetes.io/nginx: localhost/custom-nginx
spec:
  containers:
    - image: 'nginx:alpine'
      name: nginx
      volumeMounts:
        - mountPath: /usr/share/nginx/html
          name: test-volume
  volumes:
    - name: test-volume
      hostPath:
        path: /data/pages
        type: Directory
Updated on 2021-07-06
Read Markdown
 kubernetesapparmor
Back | Home