mirror of https://github.com/arangodb/kube-arangodb.git synced 2024-12-14 11:57:37 +00:00

Nikita Vaniasin 2815e7186d

Improve documentation rendering for GitHub Pages (#1558 )

2024-01-08 12:28:31 +01:00

858 B

Raw Permalink Blame History

layout	title	parent
page	Secured containers	List of all features

Secured Containers

Overview

Change Default settings of:

PodSecurityContext
- FSGroup is set to 3000
SecurityContext (Container)
- RunAsUser is set to 1000
- RunAsGroup is set to 2000
- RunAsNonRoot is set to true
- ReadOnlyRootFilesystem is set to true
- Capabilities.Drop is set to ["ALL"]

Dependencies

Operator Ephemeral Volumes should be Enabled and Supported.

How to use

To enable this feature use --deployment.feature.secured-containers arg, which needs be passed to the operator:

helm upgrade --install kube-arangodb \
https://github.com/arangodb/kube-arangodb/releases/download/$VER/kube-arangodb-$VER.tgz \
  --set "operator.args={--deployment.feature.secured-containers}"

858 B Raw Permalink Blame History

Secured Containers

Overview

Dependencies

How to use

858 B

Raw Permalink Blame History