Initial Unsafe K8s Deployment
Last updated
Was this helpful?
Last updated
Was this helpful?
This deploys the demo application to Kubernetes using a standard kubernetes yaml file running the container using root user.
For details on the demo application see .
The corresponding container image is pulled from docker hub repository.
The application is deployed using the following deployment yaml file k8s/deploy.yaml:
Just deploy it by typing kubectl apply -f ./deploy.yaml
in directory k8s.
Please note that the container is running as root by default and kubernetes also does not prohibit this by default!
This should result in an output similar to this:
An alternative tool for this is popeye, just run it against your current cluster:
It is also possible to check directly your deployment yaml file:
This will show an output similar to this one:
You may also check that the user of the running container is not root using (check your pod name before):
Note: If you have deployed the JIB container image then the base image is a distroless image meaning that no shell and no whoami command is inside the container. Therefore, you cannot use the command above.
Now you can prove that this container does run with root by using a tool like .