kubectl get pod <pod_name> -o jsonpath='{.spec.containers[*].securityContext}'
. Ensure that the container’s security context does not have any privileged settings that could enable unprivileged delegation of page faults handling.apiVersion
, kind
, and metadata
fields to define the Deployment.replicas
field to ensure the desired number of pods running the script.image
field.kubectl apply -f <manifest-file>
.serviceAccountName
field to the Deployment manifest and set it to the name of the ServiceAccount created in step 2.kubectl apply -f <manifest-file>
.