For this question i have added the securityContext at the pod level so that it applies to the container as well. When i check the answer it says i haven’t added the security Context. Thoughts on this behavior?
Hello, @Gv Avinash
Maybe there are two securityContexts. You can use the grep command to capture those extra fields.
Use vi editor “search” functionality.
I started a new session and this time deleted unwanted lines. I can see a new error that says unknown field “capabilities”. Wonder if capabilities can only be added at the container level
Yeah, It’s only be added in a container level.
You can see in
kubectl explain pod.spec.containers.securityContext
Thanks for clarifying @Tej_Singh_Rana. I can only see the capabilities on explaining the securityContext for container and not for the pod(kubectl explain pod.spec.securityContext)
Also pro-tip. I did a dry run create of a pod. I added a SC to it. It never took. So…I finally scrolled to the bottom and saw that Kubernetes added it to the output. So take away is make sure you only have one and it doesn’t get over written at the end!