Skip to content
This repository has been archived by the owner on Sep 21, 2021. It is now read-only.

Implement container-scoped securityContext configuration #973

Closed
martincfo opened this issue May 15, 2019 · 3 comments · Fixed by #995
Closed

Implement container-scoped securityContext configuration #973

martincfo opened this issue May 15, 2019 · 3 comments · Fixed by #995

Comments

@martincfo
Copy link

Hi, this request is similar to #904; however, in this case we'd like to have the container-scoped securityContext configurable, and passed to the spawned pods.

This would allow us to set capabilities for the spawned containers (such as NET_ADMIN), which would in turn enable us to run tc/netem to induce impaired networking conditions in the client browser test environment.

https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.14/#securitycontext-v1-core

Please let me know if you'd like further elaboration.

Thanks,
Martin
@diemol
Copy link
Contributor

diemol commented May 16, 2019

Hey @davidcollom @arnaud-deprez, do you have any thoughs about this?

@davidcollom
Copy link
Contributor

I think its something to investigate implementing, the hub may not always need/want the same level of permissions than that of the nodes, similar to that of the kubernetes service account.

@arnaud-deprez
Copy link
Contributor

Hi @diemol,

Sorry for the delay, it is indeed something I can look into.
Will keep you posted :-)

@arnaud-deprez arnaud-deprez mentioned this issue Jul 9, 2019
Merged
9 tasks
diemol pushed a commit that referenced this issue Jul 19, 2019
@arnaud-deprez @diemol
feat: add container security context support (#995)
03559f5 
Closes #973
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: add container security context support
4 participants
@davidcollom @arnaud-deprez @diemol @martincfo