Rahul Roshan Kachchap f076c3a387 Adding note of PSP removal from the project documentation

Removal of PSP Support as part of k8s 1.25/1.26 transition,
we are adding a note to each page that has pod security policy
contexts from the project doc about its existence in K8S v1.24
and removal from K8S v1.25

Story: 2010590
Task: 48324

Change-Id: Ifefeda7ac181267b66398dbf45af9f6ee1239090
Signed-off-by: Rahul Roshan Kachchap <rahulroshan.kachchap@windriver.com>

2023-07-17 08:35:10 -04:00

1.1 KiB

Raw Blame History

Enable Pod Security Policy Checking

Note

PodSecurityPolicy (PSP) ONLY applies if running on K8S v1.24 or earlier. PodSecurityPolicy (PSP) is deprecated as of Kubernetes v1.21 and removed from K8S v1.25. Instead of using PodSecurityPolicy, you can enforce similar restrictions on Pods using Pod Security Admission Controller <pod-security-admission-controller-8e9e6994100f>

Set the kubernetes kube_apiserver admission_plugins system parameter to include PodSecurityPolicy.

~(keystone_admin)]$ system service-parameter-add kubernetes kube_apiserver admission_plugins=PodSecurityPolicy

Apply the Kubernetes system parameters.

~(keystone_admin)]$ system service-parameter-apply kubernetes

View the automatically added pod security policies.

$ kubectl get psp
$ kubectl describe <psp> privileged
$ kubectl describe <psp> restricted

1.1 KiB Raw Blame History

Enable Pod Security Policy Checking

1.1 KiB

Raw Blame History