Gv Avinash:
For this question i have added the securityContext at the pod level so that it applies to the container as well. When i check the answer it says i haven’t added the security Context. Thoughts on this behavior?
Tej_Singh_Rana:
Hello, @Gv Avinash
Maybe there are two securityContexts. You can use the grep command to capture those extra fields.
or
Use vi editor “search” functionality.
Gv Avinash:
I started a new session and this time deleted unwanted lines. I can see a new error that says unknown field “capabilities”. Wonder if capabilities can only be added at the container level
Tej_Singh_Rana:
Yeah, It’s only be added in a container level.
You can see in kubectl explain pod.spec.containers.securityContext
Gv Avinash:
Thanks for clarifying @Tej_Singh_Rana. I can only see the capabilities on explaining the securityContext for container and not for the pod(kubectl explain pod.spec.securityContext)
Bryan Tanoue:
Also pro-tip. I did a dry run create of a pod. I added a SC to it. It never took. So…I finally scrolled to the bottom and saw that Kubernetes added it to the output. So take away is make sure you only have one and it doesn’t get over written at the end!