k8s-device-plugin
Daemonset container and initContainer can run only in privileged mode for daemonset-mps-control-daemon
Notes
Dear team.
I noticed the following issue in daemonset-mps-control-daemon.yml. There is one container and one initContainer that can run only with privileged mode set to true. But in the security context, when implementing security policies, for example with Kyverno, privileged should be set to false by default and capabilities might be added.
Can you please take this issue into consideration? I have created one PR, but I don't think the PR will solve this issue completely in the MPS daemonset.
https://github.com/NVIDIA/k8s-device-plugin/pull/756