AppArmor (under construction)
Restrict a Container's Access to Resources with AppArmor
Getting Super Powers
Becoming a super hero is a fairly straight forward process:
$ give me super-powers
Run each of managed kubernetes
Switched to context "eks".
❯ kubectl get nodes -o=jsonpath=$'{range .items[*]}{@.metadata.name}: {.status.conditions[?(@.reason=="KubeletReady")].message}\n{end}'
ip-172-31-xxx-xxx.us-east-2.compute.internal: kubelet is posting ready status
ip-172-31-xxx-xxx.us-east-2.compute.internal: kubelet is posting ready status
Switched to context "aks".
❯ kubectl get nodes -o=jsonpath=$'{range .items[*]}{@.metadata.name}: {.status.conditions[?(@.reason=="KubeletReady")].message}\n{end}'
aks-agentpool-11552782-vmss000002: kubelet is posting ready status. AppArmor enabled
aks-agentpool-11552782-vmss000003: kubelet is posting ready status. AppArmor enabled
Switched to context "gke_hj-int-20200908_us-central1-c_gke".
❯ kubectl get nodes -o=jsonpath=$'{range .items[*]}{@.metadata.name}: {.status.conditions[?(@.reason=="KubeletReady")].message}\n{end}'
gke-gke-default-pool-4a20fcac-hnhv: kubelet is posting ready status. AppArmor enabled
gke-gke-default-pool-4a20fcac-xuff: kubelet is posting ready status. AppArmor enabled
Switched to context "nks".
❯ kubectl get nodes -o=jsonpath=$'{range .items[*]}{@.metadata.name}: {.status.conditions[?(@.reason=="KubeletReady")].message}\n{end}'
nks-nks-pool-w-mk1: kubelet is posting ready status. AppArmor enabled
nks-nks-pool-w-mk2: kubelet is posting ready status. AppArmor enabled
Reference Guide
Easy Guide
Last updated
Was this helpful?