feat: add security context
This commit is contained in:
@@ -6,6 +6,26 @@ cilium:
|
|||||||
qps: 50
|
qps: 50
|
||||||
burst: 100
|
burst: 100
|
||||||
rollOutCiliumPods: true
|
rollOutCiliumPods: true
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
ciliumAgent:
|
||||||
|
- CHOWN
|
||||||
|
- KILL
|
||||||
|
- NET_ADMIN
|
||||||
|
- NET_RAW
|
||||||
|
- IPC_LOCK
|
||||||
|
- SYS_ADMIN
|
||||||
|
- SYS_RESOURCE
|
||||||
|
- DAC_OVERRIDE
|
||||||
|
- FOWNER
|
||||||
|
- SETGID
|
||||||
|
- SETUID
|
||||||
|
- PERFMON
|
||||||
|
- BPF
|
||||||
|
cleanCiliumState:
|
||||||
|
- NET_ADMIN
|
||||||
|
- SYS_ADMIN
|
||||||
|
- SYS_RESOURCE
|
||||||
bpf:
|
bpf:
|
||||||
hostLegacyRouting: true
|
hostLegacyRouting: true
|
||||||
devices: end0 enp6s0
|
devices: end0 enp6s0
|
||||||
|
|||||||
Reference in New Issue
Block a user