d95c80d36f
Fixed merge conflict (RS) Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55 Signed-off-by: Ron Stone <ronald.stone@windriver.com>
33 lines
789 B
ReStructuredText
33 lines
789 B
ReStructuredText
|
|
.. vca1590088383576
|
|
.. _enable-pod-security-policy-checking:
|
|
|
|
===================================
|
|
Enable Pod Security Policy Checking
|
|
===================================
|
|
|
|
.. rubric:: |proc|
|
|
|
|
#. Set the kubernetes kube\_apiserver admission\_plugins system parameter to
|
|
include PodSecurityPolicy.
|
|
|
|
.. code-block:: none
|
|
|
|
~(keystone_admin)]$ system service-parameter-add kubernetes kube_apiserver admission_plugins=PodSecurityPolicy
|
|
|
|
#. Apply the Kubernetes system parameters.
|
|
|
|
.. code-block:: none
|
|
|
|
~(keystone_admin)]$ system service-parameter-apply kubernetes
|
|
|
|
#. View the automatically added pod security policies.
|
|
|
|
.. code-block:: none
|
|
|
|
$ kubectl get psp
|
|
$ kubectl describe <psp> privileged
|
|
$ kubectl describe <psp> restricted
|
|
|
|
|