Kube-linter by Example

Collection of examples to run and support kube-linter suggestions to kubernetes manifests

install

You can install kube-linter with brew

brew install kube-linter

Run against single or multiple manifests

To run kube-linter

kube-linter lint .

Possible fixes to kube-linter

Below are warnings you could get from kube-linter and example solutions to them.

container “xxx” does not have a read-only root file system

apiVersion: v1  
kind: Pod  
metadata:  
  name: xxx 
spec:  
  containers:  
  # specification of the pod’s containers  
  # ...  
  securityContext:  
    readOnlyRootFilesystem: true

container “xx” is not set to runAsNonRoot

apiVersion: v1  
kind: Pod  
metadata:  
  name: xxx  
spec:  
  containers:  
  # specification of the pod’s containers  
  # ...  
  securityContext:  
    runAsNonRoot: true

install#

Run against single or multiple manifests#

Possible fixes to kube-linter#

container “xxx” does not have a read-only root file system#

container “xx” is not set to runAsNonRoot#

install

Run against single or multiple manifests

Possible fixes to kube-linter

container “xxx” does not have a read-only root file system

container “xx” is not set to runAsNonRoot