compliantkubernetes-apps
compliantkubernetes-apps copied to clipboard
elastisys
**What this PR does / why we need it**: rook network policies should be enabled only on env that are using rook-ceph. I propose to disabled them in the default...
**What this PR does / why we need it**: https://github.com/elastisys/compliantkubernetes-apps/issues/1287 **Which issue this PR fixes** *(use the format `fixes #(, fixes #, ...)` to automatically close the issue when PR...
**Describe the bug** The rook-ceph network policies fail wit the [new rook version](https://github.com/elastisys/compliantkubernetes-kubespray/tree/main/rook) **To Reproduce** Steps to reproduce the behaviour: 1. Install the new rook-ceph 2. Add the tolerations in...
**Describe the bug** fluentd is using a lot of CPU (up to 2) on ingress-nginx logs, but it doesn't manage to process them. It also keeps trying to ingest this...
**Is your feature request related to a problem? Please describe.** We currently do not have any network policies for the services/apps we install in ck8s. It is important to have...
**What this PR does / why we need it**: Network Policies for coredns, node-local-dns, dns-autoscaler, calico-accountant **Special notes for reviewer**: I have added the Calico IPIPTunnel ip's in the sc-nodes...
**Is your feature request related to a problem? Please describe.** We recently found that [warn](https://open-policy-agent.github.io/gatekeeper/website/docs/violations/#warn-enforcement-action) is an option for enforcement, which serves as a nice middle ground between deny and...
**Describe the bug** Since the upgrade of Opensearch/Opensearch dashboards in ck8s `v0.26` the users with the `alerting_full_access` role can no longer see notification channels. Seems like there was a new...
**What should be investigated.** What technology/product/concept should be investigated? Take a look [here](https://github.com/open-policy-agent/gatekeeper-library/tree/master/library/pod-security-policy) and try to setup these policies to act as a replacement for PSPs Since we think that...
**Is your feature request related to a problem? Please describe.** Compliant Kubernetes needs more troubleshooting scripts to help operators quickly figure out faults in an environment. We could use some...
