nginx-gateway-fabric icon indicating copy to clipboard operation
nginx-gateway-fabric copied to clipboard

Published 20 hours ago verified publisher icon nginxinc

CP/DP Split: Openshift support

Open sjberman opened this issue 7 months ago • 1 comments
trafficstars

Problem: Now that we have additional pods in the new architecture, we need the proper SecurityContextConstraints for running in Openshift.

Solution: Create an SCC for the cert-generator and an SCC for nginx data plane pods on startup. A Role and RoleBinding are created when deploying nginx to link to the SCC.

Testing: Verified that all objects are created and running with the proper permissions in OpenShift.

Closes #3064

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • [x] I have read the CONTRIBUTING doc
  • [x] I have added tests that prove my fix is effective or that my feature works
  • [x] I have checked that all unit tests pass after adding my changes
  • [ ] I have updated necessary documentation
  • [ ] I have rebased my branch onto main
  • [ ] I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

Release notes

If this PR introduces a change that affects users and needs to be mentioned in the release notes, please add a brief note that summarizes the change.

sjberman avatar Apr 01 '25 19:04 sjberman