51 lines
1.6 KiB
Markdown
51 lines
1.6 KiB
Markdown
<!--
|
||
---
|
||
title: Security Context
|
||
id: security-context
|
||
date: 2018-04-12
|
||
full_link: /docs/tasks/configure-pod-container/security-context/
|
||
short_description: >
|
||
The securityContext field defines privilege and access control settings for a Pod or container.
|
||
|
||
aka:
|
||
tags:
|
||
- security
|
||
---
|
||
-->
|
||
|
||
---
|
||
title: 安全上下文(Security Context)
|
||
id: security-context
|
||
date: 2018-04-12
|
||
full_link: /zh/docs/tasks/configure-pod-container/security-context/
|
||
short_description: >
|
||
securityContext 字段定义 Pod 或容器的特权和访问控制设置,包括运行时 UID 和 GID。
|
||
|
||
aka:
|
||
tags:
|
||
- security
|
||
---
|
||
|
||
<!--
|
||
The `securityContext` field defines privilege and access control settings for
|
||
a {{< glossary_tooltip text="Pod" term_id="pod" >}} or
|
||
{{< glossary_tooltip text="container" term_id="container" >}}.
|
||
-->
|
||
|
||
securityContext 字段定义 {{< glossary_tooltip text="Pod" term_id="pod" >}} 或 {{< glossary_tooltip text="container(容器)" term_id="container" >}} 的特权和访问控制设置。
|
||
|
||
<!--more-->
|
||
|
||
<!--
|
||
In a `securityContext`, you can define: the user that processes run as,
|
||
the group that processes run as, and privilege settings.
|
||
You can also configure security policies (for example: SELinux, AppArmor or seccomp).
|
||
-->
|
||
|
||
在一个 securityContext 字段中,可以设置进程所属用户和用户组、权限相关设置。你也可以设置安全策略(例如:SELinux、AppArmor、seccomp)
|
||
|
||
<!--
|
||
The `PodSpec.securityContext` setting applies to all containers in a Pod.
|
||
-->
|
||
|
||
‘PodSpec.securityContext’字段配置会应用到一个Pod中的所有的container。 |