Uploaded image for project: 'OpenShift Migration Toolkit for Containers'
  1. OpenShift Migration Toolkit for Containers
  2. MIG-1691

PSA labels should be called out explicitely in the docs

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • ToDo
    • Important

      This documentation section should have these PSA labels explicitly called out since you can not run the rsync as a root without them: https://docs.openshift.com/container-platform/4.17/migration_toolkit_for_containers/mtc-direct-migration-requirements.html#ocp-running-rsync-root-or-non-root_mtc-direct-migration-requirements

      Here are the required labels:

          "pod-security.kubernetes.io/enforce": "privileged",
    "pod-security.kubernetes.io/audit": "privileged",
    "pod-security.kubernetes.io/warn": "privileged"

      The current version describes the labels but doesn’t explain how to set them:

      In both cases, you must set the following labels on the source side of any namespaces that are running workloads with higher privileges before migration: enforce, audit, and warn.
To learn more about Pod Security Admission and setting values for labels, see Controlling pod security admission synchronization.

        1. image-2025-02-06-15-25-53-198.png
          image-2025-02-06-15-25-53-198.png
          56 kB

              rhn-support-anarnold A Arnold
              rhn-support-asadawar Abhijeet Sadawarte
              Sachin Singla Sachin Singla
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: