...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
$ kubectl create -f psp.yaml podsecuritypolicy.policy/rook-nfs-policy created # To get it $ kubectl get psp NAME PRIV CAPS SELINUX RUNASUSER FSGROUP SUPGROUP READONLYROOTFS VOLUMES rook-nfs-policy true DAC_READ_SEARCH,SYS_RESOURCE RunAsAny RunAsAny RunAsAny RunAsAny false configMap,downwardAPI,emptyDir,persistentVolumeClaim,secret,hostPath |
| Info | ||
|---|---|---|
| ||
Pod Security Policies (PSP) enable fine-grained authorization of Pod creation and updates. It is a cluster-level resource that controls security sensitive aspects of the Pod specification. The PSP objects define a set of conditions that a Pod must run with in order to be accepted into the system, as well as defaults for the related fields. |
Before we create NFS Server we need to create ServiceAccount and RBAC rules
...