intel-device-plugins-for-kubernetes icon indicating copy to clipboard operation
intel-device-plugins-for-kubernetes copied to clipboard

Published 20 hours ago verified publisher icon intel

document PodSecurity admission settings

Open mythi opened this issue 3 years ago • 1 comments

kubernetes 1.24 turns on PodSecurity admission on by default. Our plugin deployments need hostPath mounts so the baseline policy fails by default.

We want to document how to comply with Pod Security Standards when using the plugins. https://kubernetes.io/docs/concepts/security/pod-security-admission/

mythi avatar May 18 '22 06:05 mythi

Our plugin deployments need hostPath mounts so the baseline policy fails by default.

Looks like the default configuration is not baseline after all but privileged so there's no immediate blocker for running the plugins with defaults. Closing.

mythi avatar Aug 31 '22 08:08 mythi