14 lines
475 B
YAML
14 lines
475 B
YAML
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: hello-apparmor
|
|
annotations:
|
|
# Tell Kubernetes to apply the AppArmor profile "k8s-apparmor-example-deny-write".
|
|
# Note that this is ignored if the Kubernetes node is not running version 1.4 or greater.
|
|
container.apparmor.security.beta.kubernetes.io/hello: localhost/k8s-apparmor-example-deny-write
|
|
spec:
|
|
containers:
|
|
- name: hello
|
|
image: busybox
|
|
command: [ "sh", "-c", "echo 'Hello AppArmor!' && sleep 1h" ]
|