diff --git a/content/en/docs/tutorials/clusters/apparmor.md b/content/en/docs/tutorials/clusters/apparmor.md index 4de988270df44..2d1894b545d0e 100644 --- a/content/en/docs/tutorials/clusters/apparmor.md +++ b/content/en/docs/tutorials/clusters/apparmor.md @@ -178,7 +178,18 @@ k8s-apparmor-example-deny-write (enforce) First, we need to load the profile we want to use onto our nodes. The profile we'll use simply denies all file writes: -{{< code language="text" file="deny-write.profile" >}} +```shell +#include + +profile k8s-apparmor-example-deny-write flags=(attach_disconnected) { + #include + + file, + + # Deny all file writes. + deny /** w, +} +``` Since we don't know where the Pod will be scheduled, we'll need to load the profile on all our nodes. For this example we'll just use SSH to install the profiles, but other approaches are diff --git a/content/en/docs/tutorials/clusters/deny-write.profile b/content/en/docs/tutorials/clusters/deny-write.profile deleted file mode 100644 index c2653c7112865..0000000000000 --- a/content/en/docs/tutorials/clusters/deny-write.profile +++ /dev/null @@ -1,10 +0,0 @@ -#include - -profile k8s-apparmor-example-deny-write flags=(attach_disconnected) { - #include - - file, - - # Deny all file writes. - deny /** w, -} diff --git a/content/ko/docs/tutorials/clusters/apparmor.md b/content/ko/docs/tutorials/clusters/apparmor.md index b370a7e613ae1..d5b311d327385 100644 --- a/content/ko/docs/tutorials/clusters/apparmor.md +++ b/content/ko/docs/tutorials/clusters/apparmor.md @@ -177,7 +177,18 @@ k8s-apparmor-example-deny-write (enforce) 먼저 노드에서 사용하려는 프로파일을 적재해야 한다. 사용할 프로파일은 단순히 파일 쓰기를 거부할 것이다. -{{< code language="text" file="deny-write.profile" >}} +```shell +#include + +profile k8s-apparmor-example-deny-write flags=(attach_disconnected) { + #include + + file, + + # Deny all file writes. + deny /** w, +} +``` 파드를 언제 스케줄할지 알지 못하므로 모든 노드에 프로파일을 적재해야 한다. 이 예시에서는 SSH를 이용하여 프로파일을 설치할 것이나 다른 방법은 diff --git a/content/ko/docs/tutorials/clusters/deny-write.profile b/content/ko/docs/tutorials/clusters/deny-write.profile deleted file mode 100644 index af56e5cd7d67f..0000000000000 --- a/content/ko/docs/tutorials/clusters/deny-write.profile +++ /dev/null @@ -1,10 +0,0 @@ -#include - -profile k8s-apparmor-example-deny-write flags=(attach_disconnected) { - #include - - file, - - # 모든 파일에 저장을 금지한다. - deny /** w, -}