• HostPath Mounts Used by KubeArmor
• Introduction
• KubeArmor
• Mandatory Mounts
• 1. sys-kernel-debug-path
• 2. Container runtime sockets (read-only) : needed for interacting with container runtimes, would be removed soon as we adopt OCI hooks
• Conditional Mounts
• 1. apparmor.d Path
• 1. lib-modules-path (Read Only)
• 2. usr-src Path (Read Only)
• 3. os-release-path (Read Only)
• Kubearmor Snitch
• 1. apparmor-path
• 2. sys-path
• 3. var-path
• 4. run-path
• 5. seccomp-path