add capabilities

Signed-off-by: Martyn Ranyard <m@rtyn.berlin>
This commit is contained in:
Martyn 2023-10-30 17:39:54 +01:00
parent 3b8fccd8cf
commit 5f1893c1a3
1 changed files with 6 additions and 0 deletions

View File

@ -10,3 +10,9 @@ spec:
sysctls: sysctls:
- name: "net.ipv4.ip_unprivileged_port_start" - name: "net.ipv4.ip_unprivileged_port_start"
value: "0" value: "0"
securityContext:
capabilities:
drop:
- "ALL"
add:
- "NET_BIND_SERVICE"