apiVersion: v1 kind: Pod metadata: name: nginx-selinux labels: app: nginx-selinux spec: containers: - name: nginx image: nginx securityContext: seLinuxOptions: level: s1:c234,c567 user: sysadm_u role: sysadm_r type: svirt_lxc_net_t resources: limits: cpu: "100m" memory: "30Mi"