mirrors/external-dns
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/external-dns.git synced 2025-08-06 17:46:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
52382e7183
external-dns/docs/tutorials/security-context.md
Michel Loiseleur 52382e7183
chore(release): updates kustomize & docs with v0.17.0 (#5396) 
* chore(release): updates kustomize & docs with v0.17.0

Signed-off-by: Michel Loiseleur <michel.loiseleur@traefik.io>

* add optional workflow dispatch for doc

* review

---------

Signed-off-by: Michel Loiseleur <michel.loiseleur@traefik.io>
2025-05-14 08:27:19 -07:00

726 B
Raw Blame History

Running ExternalDNS with limited privileges

You can run ExternalDNS with reduced privileges since v0.5.6 using the following SecurityContext.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: external-dns
  template:
    metadata:
      labels:
        app: external-dns
    spec:
      containers:
      - name: external-dns
        image: registry.k8s.io/external-dns/external-dns:v0.17.0
        args:
        - ... # your arguments here
        securityContext:
          runAsNonRoot: true
          runAsUser: 65534
          readOnlyRootFilesystem: true
          capabilities:
            drop: ["ALL"]