Welcome to the Linux Foundation Forum!

Lab 6: Set SecurityContext for a Pod and Container

bryonbaker Posts: 28
edited September 2018 in LFD259 Class Forum

In the first section of Lab 6 the spec for the Security Context lab has two "name" attributes under "containers".

name: secondapp

Apart from the mistake of the missing space before "busy", the indentation looks like it is under containers, but there is already a name attribute. Is this a mistake, or should "name: busy" be nested elsewhere?
I have written the spec with the same nesting as secondapp and it appears to work fine - so I just want to understand what is going on.


  • serewicz
    serewicz Posts: 1,000


    Is the indentation issue in the book or in the example file? The name busy is for a container name which you will use with a kubectl exec statement later in the lab.


  • It is on page 2 of the lab 6. Looking through the API doco at: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#podspec-v1-core, there is no "name" property that lines up anywhere under PodSpec but as part of metadata and containers - and the lab already has that as "name: secondapp"
    see attached

  • bryonbaker
    bryonbaker Posts: 28
    edited October 2018

    The name busy is for a container name

    @serewicz - The name "busy" is not the nested under the Container array in the lab, so how can this be the container name?
    Looking at the API documentation. Name is however an attribute of each element in the Container array.
    There is however a "patch merge key: name" in the PodSpec, but I am not sure what that is doing.
    So what is the relationship between "name: busy" and "name: busybox" in the PodSpec in the labs? (See attached image)

  • serewicz
    serewicz Posts: 1,000

    Did you find the use of the exec command later in the lab? If you omit the entry does that command still work? The use of indentation is how YAML knows which sections to collect together.


Upcoming Training