Michael Fornaro
Michael Fornaro
`kube-seal` added by @onedr0p https://github.com/stefanprodan/kube-tools/pull/23
5.2.1 Minimize the admission of privileged containers This policy has been completed by virtue of the KubeSec benchmark https://github.com/raspbernetes/k8s-gitops/blob/master/policies/K.SEC.05.rego Even though there is double up might be worth just using...
Same situation with the following: 5.2.2 Minimize the admission of containers wishing to share the host process ID namespace https://github.com/raspbernetes/k8s-gitops/blob/master/policies/K.SEC.12.rego 5.2.3 Minimize the admission of containers wishing to share the...
@Newbsylberry is this still occurring? Where there any errors in the playbook execution? Is this also a single node cluster?
@Newbsylberry just confirming if this is still an occurring issue or if I can close this ticket?
We'll need to update this with the new control-plane/node PR to remove `master/worker` logic.
Yep, this is a good idea - we'll likely need to document to users to use arm64 architecture
Yep thanks for raising this I did run into this issue myself and had it in my list of TODOS.
This final issue will be caused due to this configuration https://github.com/raspbernetes/k8s-cluster-installation/blob/93df5197a7b647db481b56c2dfd4b0ad635192c1/ansible/group_vars/controlplane.yml#L16 You've done well to troubleshoot these issues, if you want to push a fix for the cilium feel free...
@RobReus @crutonjohn how did we wanna tackle some of these items, and which ones have we already fixed?