Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-7386

Document AMQ Broker Operator behavior wih regard to Pod Security Admission

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Obsolete
    • Icon: Undefined Undefined
    • None
    • None
    • documentation
    • None
    • False
    • None
    • False

      Operator 7.10.2 will be available on OCP 4.12 that enforces Pod Security Admission (PSa).
      There are some new behaviors that need to be mentioned in the release notes:

      • User is not recommended to use default or other openshift pre-created namespaces to deploy the operator as those namespaces don't have proper PSa configurations.
      • * on OCP 4.11 the operator will give some warnings like:
      configmap/activemq-artemis-manager-config created
      W1031 11:43:02.427082  667463 warnings.go:70] would violate PodSecurity "restricted:v1.24": unrestricted capabilities (container "manager" must set securityContext.capabilities.drop=["ALL"]), seccompProfile (pod or container "manager" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
      deployment.apps/activemq-artemis-controller-manager created
      

      which is expected.

              jcliffor@redhat.com John Clifford
              gaohoward Howard Gao
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: