The option to mount volumes readonly has existed since early releases (not sure exactly when it was added), but that needs to be manually specified on every volume mount.
The fix to always mount the managed volumes read only is only backported to 1.7 (our oldest supported branch). On Mon, Mar 12, 2018 at 1:36 PM eli via Kubernetes user discussion and Q&A < kubernetes-users@googlegroups.com> wrote: > Hi, > > https://issue.k8s.io/60814 says the fix impact is that secret, config > map, etc will be mounted as read only. Is this a mitigation option in <1.7? > > Thanks, > Eli > > -- > You received this message because you are subscribed to the Google Groups > "Kubernetes user discussion and Q&A" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to kubernetes-users+unsubscr...@googlegroups.com. > To post to this group, send email to kubernetes-users@googlegroups.com. > Visit this group at https://groups.google.com/group/kubernetes-users. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
