Pods being configured to be privileged in any way must be treated as potentially not stateless or not immutable.

Pods being configured to be privileged in any way must be treated as potentially not stateless or not immutable.

Answer: k get pods -n prodk get pod <pod-name> -n prod -o yaml | grep -E ‘privileged|ReadOnlyRootFileSystem’Delete the pods which do have any of these 2 propertiesprivileged:true or ReadOnlyRootFileSystem: false

[desk@cli]$ k get pods -n prod

NAME READY STATUS RESTARTS AGE

cms 1/1 Running 0 68m

db 1/1 Running 0 4m

nginx 1/1 Running 0 23m

[desk@cli]$ k get pod nginx -n prod -o yaml | grep -E ‘privileged|RootFileSystem’ {"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"creationTimestamp":null,"label s":{"run":"nginx"},"name":"nginx","namespace":"prod"},"spec":{"containers":[{"image":"nginx ","name":"nginx","resources":{},"securityContext":{"privileged":true }}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always"},"status":{}}f:privileged: {}privileged:

true

[desk@cli]$ k delete pod nginx -n prod

[desk@cli]$ k get pod db -n prod -o yaml | grep -E ‘privileged|RootFilesystem’

[desk@cli]$ k get pod cms -n prod -o yaml | grep -E ‘privileged|RootFilesystem’

Latest CKS Dumps Valid Version with 44 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments