Docker Engine v1.10 onwards runs with a default Seccomp profile. And so
when i inspect SecurityOpt on my containers, i see SecurityOpt=<no value>:
docker ps --quiet | xargs docker inspect --format '{{ .Id }}:
SecurityOpt={{.HostConfig.SecurityOpt }}'
eed533e68c512073ec765f26cd95b11f771e352a842ebae: SecurityOpt=<no value>
However, when I inspect SecurityOpt on CoreOS (running k8s on CoreOS), i
see all containers running as SecurityOpt=[seccomp:unconfined].
When I lookup the docker daemon process, i don't see any --security-opt
option:
docker daemon --host=fd:// --exec-opt native.cgroupdriver=systemd
--bip=10.1.50.1/24 --mtu=8951 --ip-masq=false --selinux-enabled
Any idea why my containers are running as "seccomp:unconfined"?
docker version: 1.10.3
CoreOS version: 1068.3.0
k8s version: 1.2.4
