kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #33291 from kinzhi/kinzhi52 

[zh]Sync content/zh/examples/policy/restricted-psp.yaml
pull/33346/head
Kubernetes Prow Robot 2022-04-30 05:37:12 -07:00 committed by GitHub
parent 20ce068d30 bf84c6a5a0
commit a66ba6a53e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/zh/examples/policy/restricted-psp.yaml
View File

@ -3,6 +3,7 @@ kind: PodSecurityPolicy
metadata: metadata:
name: restricted name: restricted
annotations: annotations:
# docker/default 标识 seccomp 的配置文件,但它与 Docker 运行时没有特别关联
seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'
@ -45,3 +46,4 @@ spec:
- min: 1 - min: 1
max: 65535 max: 65535
readOnlyRootFilesystem: false readOnlyRootFilesystem: false