Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-1115

[RFE] Add AllowedHostPaths to OpenShift SCC

XMLWordPrintable

      Add AllowedHostPaths to OpenShift SCC

      Goal: Have possibility for some PODs to mount host paths, but limited to specific ones, in best case also limit access type (readOnly/readWrite) - the same as in upstream kubernetes PodSecurityPolicy:

      https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems

       
      I searched Google, our documentation, internal mailing lists, bugzilla and our RFE process and there seems to be no equivalent of AllowedHostPaths in SCC.

      Instead of using hostPath, I recommend the use of local volumes which allow a better level of control: https://docs.openshift.com/container-platform/4.5/storage/persistent_storage/persistent-storage-local.html

      However, at this time, we already had requests from 2 different customers for AllowedHostPaths in SCC.

              anachand Anandnatraj Chandramohan (Inactive)
              akaris@redhat.com Andreas Karis
              Votes:
              5 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated:
                Resolved: