Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-20277

Edited multus-admission-controller deployment config to not add automountServiceAccountToken

XMLWordPrintable

    • Moderate
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem: Our control plane security requires that cluster master pods not automount service acount tokens unless absolutely necessary.

      Version-Release number of selected component (if applicable):

       

      How reproducible:

       

      Steps to Reproduce:

      1. Retrieved the deployment files for both cluster-node-tuning-operator and multus-admission-controller
      2. Add the automountServiceAccountToken: false field
      3. Apply them again under the master namespace

      Actual results:

      automountServiceAccountToken: false

      Expected results:

      automountServiceAccountToken: false

      Additional info:

       

            cpeterssonibm Carl Petersson (Inactive)
            cpeterssonibm Carl Petersson (Inactive)
            Weibin Liang Weibin Liang
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: