starlingx/docs
Code Issues Proposed changes
d466920c10
docs/doc/source/security/kubernetes/disable-pod-security-policy-checking.rst
Rahul Roshan Kachchap f076c3a387 Adding note of PSP removal from the project documentation 
Removal of PSP Support as part of k8s 1.25/1.26 transition,
we are adding a note to each page that has pod security policy
contexts from the project doc about its existence in K8S v1.24
and removal from K8S v1.25

Story: 2010590
Task: 48324

Change-Id: Ifefeda7ac181267b66398dbf45af9f6ee1239090
Signed-off-by: Rahul Roshan Kachchap <rahulroshan.kachchap@windriver.com>
2023-07-17 08:35:10 -04:00

1.0 KiB
Raw Blame History

Disable Pod Security Policy Checking

Note

PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using Pod Security Admission Controller <pod-security-admission-controller-8e9e6994100f>

You can delete the previously added PodSecurityPolicy service parameter to disable pod security policy checking.

  1. Remove the kubernetes kube_apiserver admission_plugins system parameter to exclude PodSecurityPolicy.

    ~(keystone_admin)]$ system service-parameter-delete <uuid>

  2. Apply the Kubernetes system parameters.

    ~(keystone_admin)]$ system service-parameter-apply kubernetes