gpt4 book ai didi

kubernetes - 如何列出kubernetes pod及其容器的所有securityContext

转载 作者:行者123 更新时间:2023-12-02 02:01:55 25 4
gpt4 key购买 nike

有没有办法列出所有的 securityContext,包括默认的和定义的:

  1. 广告连播级别
  2. 容器级别

使用kubectl get pod -o yaml 只显示 spec.securityContextspec.containers[*].securityContext 的定义没有默认的?

最佳答案

给你,源码可以找到in this medium article :

kubectl get pods --all-namespaces -o go-template \
--template='{{range .items}}{{"pod: "}}{{.metadata.name}}
{{if .spec.securityContext}}
PodSecurityContext:
{{"runAsGroup: "}}{{.spec.securityContext.runAsGroup}}
{{"runAsNonRoot: "}}{{.spec.securityContext.runAsNonRoot}}
{{"runAsUser: "}}{{.spec.securityContext.runAsUser}} {{if .spec.securityContext.seLinuxOptions}}
{{"seLinuxOptions: "}}{{.spec.securityContext.seLinuxOptions}} {{end}}
{{else}}PodSecurity Context is not set
{{end}}{{range .spec.containers}}
{{"container name: "}}{{.name}}
{{"image: "}}{{.image}}{{if .securityContext}}
{{"allowPrivilegeEscalation: "}}{{.securityContext.allowPrivilegeEscalation}} {{if .securityContext.capabilities}}
{{"capabilities: "}}{{.securityContext.capabilities}} {{end}}
{{"privileged: "}}{{.securityContext.privileged}} {{if .securityContext.procMount}}
{{"procMount: "}}{{.securityContext.procMount}} {{end}}
{{"readOnlyRootFilesystem: "}}{{.securityContext.readOnlyRootFilesystem}}
{{"runAsGroup: "}}{{.securityContext.runAsGroup}}
{{"runAsNonRoot: "}}{{.securityContext.runAsNonRoot}}
{{"runAsUser: "}}{{.securityContext.runAsUser}} {{if .securityContext.seLinuxOptions}}
{{"seLinuxOptions: "}}{{.securityContext.seLinuxOptions}} {{end}}{{if .securityContext.windowsOptions}}
{{"windowsOptions: "}}{{.securityContext.windowsOptions}} {{end}}
{{else}}
SecurityContext is not set
{{end}}
{{end}}{{end}}'

关于kubernetes - 如何列出kubernetes pod及其容器的所有securityContext,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68919452/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com