diff --git a/Dockerfile b/Dockerfile
index 2a943d02..2da559a8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -22,7 +22,7 @@ RUN mkdir -p build && \
     -ldflags "${LDFLAGS}" .
 
 FROM --platform=$BUILDPLATFORM alpine:3.17
-RUN apk add --no-cache ca-certificates
+RUN apk add --no-cache ca-certificates libcap
 RUN adduser \
         --disabled-password \
         --gecos "" \
@@ -32,6 +32,8 @@ RUN adduser \
         kafka-proxy
 
 COPY --from=builder /go/src/github.com/grepplabs/kafka-proxy/build /opt/kafka-proxy/bin
+RUN setcap 'cap_net_bind_service=+ep' /opt/kafka-proxy/bin/kafka-proxy
+
 USER kafka-proxy
 ENTRYPOINT ["/opt/kafka-proxy/bin/kafka-proxy"]
 CMD ["--help"]
diff --git a/README.md b/README.md
index 6e59be35..da2c08e6 100644
--- a/README.md
+++ b/README.md
@@ -451,6 +451,9 @@ metadata:
    name: myapp
 spec:
   replicas: 1
+  selector:
+    matchLabels:
+      app: myapp
   template:
     metadata:
       labels: