You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi Everyone
Needed advice from community members. We have deployed cadvisor 0.47.2 using helm in Microsoft Azure Kubernetes Service (AKS). Also during an assessment of our platform towards improved security & resilience angle received below recommendations from Microsoft experts to be implemented.
Usage of pod HostPath volume mounts should be restricted to a known list to restrict node access from compromised containers
The root access inside the service container should be avoided.
We are not sure if above actions when implemented will have an impact on cadvisor since we used default cadvisor configs which are in helm chart for cadvisor.
Could anyone from the community please help or guide us on below queries?
Have you tried implementing custom configs apart from default configs provided?
Do you have a view of the impact by any means if we go ahead and implement this?
Are there any other general recommendation towards achieving this?
The text was updated successfully, but these errors were encountered:
Hi Everyone
Needed advice from community members. We have deployed cadvisor 0.47.2 using helm in Microsoft Azure Kubernetes Service (AKS). Also during an assessment of our platform towards improved security & resilience angle received below recommendations from Microsoft experts to be implemented.
We are not sure if above actions when implemented will have an impact on cadvisor since we used default cadvisor configs which are in helm chart for cadvisor.
Could anyone from the community please help or guide us on below queries?
The text was updated successfully, but these errors were encountered: