kubernetes-csi-addons icon indicating copy to clipboard operation
kubernetes-csi-addons copied to clipboard
verified publisher icon csi-addons

Consider using NetworkPolicies to allow/deny access to the CSI-driver sidecar

Open Madhu-1 opened this issue 1 year ago • 1 comments

the kube-proxy container has a warning for insecure access https://github.com/kubernetes-sigs/kubebuilder/pull/3899, we need to adopt as per https://github.com/kubernetes-sigs/kubebuilder/blob/master/designs/discontinue_usage_of_kube_rbac_proxy.md

Madhu-1 avatar Aug 16 '24 05:08 Madhu-1

Fome rge summary:

Existing users are encouraged to switch to images hosted by the project on quay.io OR to adapt their projects to utilize Network Policies, following the updated scaffold guidelines.

NetworkPolicies would require additional configuration on the deployment by users. They need to open-up the port of the CSI-Addons sidecar that is running as part of their CSI-driver. This requires a bit more consideration than replacing the container-image repository.

nixpanic avatar Aug 16 '24 08:08 nixpanic