I have been in DevOps related jobs for past 6 years dealing mainly with Kubernetes in AWS and on-premise as well. I spent quite a lot …
ReadOnlyRootFilesystem
root@cks-master:~# k delete po immutable --grace-period 0 --force
root@cks-master:~# k create -f immutable.yaml
cat immutable.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: immutable
name: immutable
spec:
containers:
- image: httpd
name: immutable
securityContext:
readOnlyRootFilesystem: true
volumeMounts:
- name: pid
mountPath: "/usr/local/apache2/logs/"
volumes:
- name: pid
emptyDir: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}