Code Review / yardstick.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 3429269) | patch
Add "securityContext" parameter in Kubernetes context 91/57091/8
authorRodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com>
Sat, 5 May 2018 18:06:06 +0000 (19:06 +0100)
committerRodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com>
Thu, 14 Jun 2018 07:15:29 +0000 (07:15 +0000)
commit3b43905b749b65bd229db8f3f1ce10c29f9b9e37
tree652d7fb7a64faebbe3ce51d0a4496ce3ebdc99a5tree | snapshot
parent34292694f596561de9c78f0feb663ffa5de0dc2dcommit | diff
Add "securityContext" parameter in Kubernetes context

This new parameter, "securityContext", will allow the user to define the
privilege and access control settings for a pod or a container [1].

Example of "securityContext" definition in the pod (if only one container
is defined):

  context:
    type: Kubernetes
    servers:
      host:
        image: ...
        securityContext:
          runAsUser: 1000
          fsGroup: 2000 

Example of "securityContext" definition in the pod and the container (if
several containers are defined):     

  context:
    type: Kubernetes
    servers:
      host:
        securityContext:
          runAsUser: 1000
          fsGroup: 2000 
        containers:
          - image: ...
            securityContext:
              allowPrivilegeEscalation: false
          - image: ...

[1] https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

JIRA: YARDSTICK-1156

Change-Id: I597a300c68cd834522a284b1cca0faa918493342
Signed-off-by: Rodolfo Alonso Hernandez <rodolfo.alonso.hernandez@intel.com>
yardstick/orchestrator/kubernetes.py diff | blob | history
yardstick/tests/unit/orchestrator/test_kubernetes.py diff | blob | history