Containers running with allowPrivilegeEscalation enabled allow container processes to gain privileges they did not have to begin with. This is the equivalent of providing sudo access to your Linux servers. Give your running containers the same care you apply when granting access to your servers.
As part of our best practices, Magalix KubeAdvisor ships with a governance Advisor that detects when your pods are running with allowPrivilegeEscalation set to true. We identify potential issues across all of your clusters, so you don’t have to.
After logging into the Magalix console, find your cluster and drill down to Issues using the navigation bar on the left.
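To run the same kind of check yourself, the following added example (not Magalix's code or part of the original page) scans a pod list for containers that can escalate privileges. It goes beyond an explicit true: it also flags containers where the field is unset, which leaves escalation allowed, and containers that are privileged or add CAP_SYS_ADMIN, for which Kubernetes always treats the setting as true. The function names and the sample pod list are constructed for illustration.

```python
import json

# Constructed sample shaped like `kubectl get pods -A -o json` output.
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"namespace": "shop", "name": "web"},
  "spec": {"initContainers": [{"name": "migrate"}],
           "containers": [
    {"name": "nginx", "securityContext": {"allowPrivilegeEscalation": false}},
    {"name": "sidecar", "securityContext": {"allowPrivilegeEscalation": true}}]}},
 {"metadata": {"namespace": "ops", "name": "agent"},
  "spec": {"containers": [{"name": "agent", "securityContext": {"privileged": true}}]}}
]}
""")

CONTAINER_FIELDS = ("containers", "initContainers", "ephemeralContainers")

def escalation_reason(container):
    """Return why the container can gain privileges, or None if it cannot."""
    sc = container.get("securityContext") or {}
    added = (sc.get("capabilities") or {}).get("add") or []
    if sc.get("privileged"):
        return "privileged: true (escalation is always allowed)"
    if any(cap.upper() in ("SYS_ADMIN", "CAP_SYS_ADMIN") for cap in added):
        return "CAP_SYS_ADMIN added (escalation is always allowed)"
    setting = sc.get("allowPrivilegeEscalation")
    if setting is None:  # unset: no_new_privs is not applied
        return "allowPrivilegeEscalation unset (defaults to allowed)"
    return "allowPrivilegeEscalation: true" if setting else None

def find_escalation(pod_list):
    """List (namespace, pod, container, reason) for every flagged container."""
    findings = []
    for pod in pod_list.get("items", []):
        meta, spec = pod.get("metadata", {}), pod.get("spec", {})
        for field in CONTAINER_FIELDS:
            for ctr in spec.get(field) or []:
                reason = escalation_reason(ctr)
                if reason:
                    findings.append((meta.get("namespace", "default"),
                                     meta.get("name"), ctr.get("name"), reason))
    return findings

if __name__ == "__main__":
    for ns, pod, ctr, reason in find_escalation(SAMPLE):
        print(f"{ns}/{pod} container={ctr}: {reason}")
```

To check a live cluster, replace SAMPLE with the parsed output of `kubectl get pods -A -o json`.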