By default, Rackspace KaaS security features enforce a set of limitations for deployments, ReplicationControllers, and pods.
The containers cannot perform the following actions:
- Run as root
- Run as privileged
- Use host networking
- Use root namespaces
See Configure pod security policies for workarounds for all of the preceding limitations.