| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- allowHostDirVolumePlugin: true
- allowHostIPC: false
- allowHostNetwork: true
- allowHostPID: false
- allowHostPorts: false
- allowPrivilegedContainer: false
- allowedCapabilities: []
- allowedFlexVolumes: []
- apiVersion: v1
- defaultAddCapabilities: []
- fsGroup:
- ranges:
- - max: "{{ contiv_etcd_system_gid }}"
- min: "{{ contiv_etcd_system_gid }}"
- type: MustRunAs
- groups: []
- kind: SecurityContextConstraints
- metadata:
- annotations:
- kubernetes.io/description: 'For contiv-etcd only.'
- creationTimestamp: null
- name: contiv-etcd
- priority: null
- readOnlyRootFilesystem: true
- requiredDropCapabilities:
- - KILL
- - MKNOD
- - SETUID
- - SETGID
- runAsUser:
- type: MustRunAs
- uid: "{{ contiv_etcd_system_uid }}"
- seLinuxContext:
- type: MustRunAs
- supplementalGroups:
- type: MustRunAs
- users:
- - system:serviceaccount:kube-system:contiv-etcd
- volumes:
- - emptyDir
- - hostPath
- - secret
|
