DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ingress-nginx-helm/docs/examples/psp
History
Andrew Konrath beca7f21e4 Added role binding for 'ingress-nginx-admission' to PSP example (#6018)
2020-11-12 14:05:29 -06:00
..
psp.yaml Added role binding for 'ingress-nginx-admission' to PSP example (#6018) 2020-11-12 14:05:29 -06:00
README.md Release 0.31.1 2020-04-27 10:43:23 -04:00

README.md

Pod Security Policy (PSP)

In most clusters today, by default, all resources (e.g. Deployments and ReplicatSets) have permissions to create pods. Kubernetes however provides a more fine-grained authorization policy called Pod Security Policy (PSP).

PSP allows the cluster owner to define the permission of each object, for example creating a pod. If you have PSP enabled on the cluster, and you deploy ingress-nginx, you will need to provide the Deployment with the permissions to create pods.

Before applying any objects, first apply the PSP permissions by running:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/docs/examples/psp/psp.yaml

Note: PSP permissions must be granted before to the creation of the Deployment and the ReplicaSet.