1
00:00:00,980 --> 00:00:05,560
Hello and welcome to this lecture on Security Contexts in Kubernetes.

2
00:00:05,600 --> 00:00:10,150
My name is Mumshad Mannambeth  as we saw in the previous lecture.

3
00:00:10,340 --> 00:00:17,300
When you run a docker container you have the option to define a set of security standards such as the

4
00:00:17,300 --> 00:00:20,050
ID of the user used to run the container,

5
00:00:20,240 --> 00:00:26,570
The Linux capabilities that can be added or removed from the container etc. These can be configured

6
00:00:26,630 --> 00:00:31,160
in Kubernetes as well. As you know already, in

7
00:00:31,190 --> 00:00:34,720
Kubernetes containers are encapsulated in PODs.

8
00:00:34,830 --> 00:00:41,040
You may choose to configure the security settings at a container level or at a pod level.

9
00:00:41,160 --> 00:00:47,360
If you configure it at a pod level the settings will carry over to all the containers within the pod.

10
00:00:47,520 --> 00:00:53,340
If you can figure it at both the pod and the container the settings on the container will override

11
00:00:53,370 --> 00:00:59,140
the settings on the pod let us start with a pod definition file.

12
00:00:59,160 --> 00:01:06,150
This pod runs an ubuntu image with the sleep command.  To configure security context on the container,

13
00:01:06,450 --> 00:01:13,560
had a field called security context under the specs section of the pod used to run as a user option

14
00:01:13,650 --> 00:01:21,230
to set the user I.D. for the pod to set the same configuration on the container level move the whole

15
00:01:21,230 --> 00:01:28,940
section under the container specification like this to add capabilities used the capabilities option

16
00:01:29,030 --> 00:01:33,830
and specify a list of capabilities to add to the pod.

17
00:01:33,980 --> 00:01:35,180
Well that's all.

18
00:01:35,180 --> 00:01:42,650
On security context in Kubernetes head over to the coding exercises section and practice viewing configuring

19
00:01:42,740 --> 00:01:47,740
and troubleshooting issues related to security contexts in Kubernetes.

20
00:01:47,840 --> 00:01:50,930
That's it for now and I will see you in the next lecture.