-
Epic
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
None
-
Enable developers to opt-in for Kata Container
-
False
-
False
-
To Do
-
OCPPLAN-8491 - Dev Tools and dev flows Integration
-
-
0
-
0%
-
Undefined
-
Not Supported
Problem:
Goal:
Why is it important?
Use cases:
- <case>
Acceptance criteria:
- <criteria>
Dependencies (External/Internal):
Design Artifacts:
Exploration:
Note:
OpenShift Docs: https://docs.openshift.com/container-platform/4.9/sandboxed_containers/understanding-sandboxed-containers.html
apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- name: DefaultPodSecurity
configuration:
apiVersion: pod-security.admission.config.k8s.io/v1alpha1
kind: PodSecurityConfiguration
defaults:
enforce: "baseline"
enforce-version: "latest"
audit: "restricted"
audit-version: "latest"
warn: "restricted"
warn-version: "latest"
exemptions:
usernames: []
runtimeClassNames: []
namespaces: [kube-system]
CRD
There is a CRD - kataConfig as well as runtimeClassName ("kata') which will be present.
This is a cluster wide resource.
Example pod yaml
https://github.com/bpradipt/kata-demos/blob/main/webserver/web.yaml
runtimeClassName:
https://github.com/bpradipt/kata-demos/blob/main/webserver/web.yaml#L22
1.
|
Docs Tracker |
|
Closed | 
|
Unassigned |
2.
|
QE Tracker |
|
Closed |
|
Unassigned |
3.
|
TE Tracker |
|
Closed |
|
Unassigned |
