Bird
0
0

A pod fails to deploy with error about 'runAsNonRoot' violation, but the namespace is labeled with

medium📝 Troubleshoot Q7 of 15
Kubernetes - RBAC and Security
A pod fails to deploy with error about 'runAsNonRoot' violation, but the namespace is labeled with 
pod-security.kubernetes.io/enforce: baseline
. What is a possible fix?
ARemove the 'runAsNonRoot' setting from pod spec
BAdd 'privileged: true' to container security context
CChange namespace label to 'privileged'
DSet 'runAsNonRoot: true' in pod security context
Step-by-Step Solution
Solution:

  1. Step 1: Understand baseline policy requirements

    Baseline requires pods to run as non-root user for security.

  2. Step 2: Fix pod spec to comply

    Setting 'runAsNonRoot: true' in pod security context ensures compliance.

  3. Final Answer:

    Set 'runAsNonRoot: true' in pod security context -> Option D

  4. Quick Check:

    Baseline requires runAsNonRoot = true for pods [OK]
Quick Trick: Set runAsNonRoot: true to meet baseline security [OK]
Common Mistakes:
  • Removing runAsNonRoot setting
  • Using privileged mode incorrectly
  • Misunderstanding security context fields

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Kubernetes Quizzes
Helm Package Manager - Adding chart repositories - Quiz 6medium Helm Package Manager - Upgrading and rolling back releases - Quiz 12easy Helm Package Manager - Chart templates and values.yaml - Quiz 12easy Helm Package Manager - Installing Helm - Quiz 8hard Operators and Custom Resources - Custom Resource Definitions (CRDs) - Quiz 14medium Production Best Practices - Why production readiness matters - Quiz 12easy Service Mesh - Why service mesh matters - Quiz 12easy Service Mesh - Mutual TLS for service communication - Quiz 13medium Service Mesh - Service mesh vs library-based approach - Quiz 8hard Troubleshooting - Node troubleshooting - Quiz 5medium