ReplicaSet

Jan 1, 0001

Definition

A ReplicaSet is a Kubernetes resource that ensures a specified number of pod replicas are running at any given time. It is responsible for maintaining the desired state of pod replicas by scaling them up or down as needed. ReplicaSets are often used to ensure high availability and reliability of applications by automatically replacing failed or deleted pods.

Secure Settings Example

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: secure-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: secure-app
  template:
    metadata:
      labels:
        app: secure-app
    spec:
      containers:
      - name: secure-container
        image: secure-image:latest
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          capabilities:
            drop:
            - ALL

Insecure Settings Example

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: insecure-replicaset
spec:
  replicas: 3
  selector:
    matchLabels:
      app: insecure-app
  template:
    metadata:
      labels:
        app: insecure-app
    spec:
      containers:
      - name: insecure-container
        image: insecure-image:latest
        securityContext:
          runAsNonRoot: false
          readOnlyRootFilesystem: false
          capabilities:
            add:
            - ALL

ReplicaSet

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter