Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-1836

Add AllowedHostPaths to OpenShift SCC

    XMLWordPrintable

Details

    • 0
    • 0% 0%

    Description

      Add AllowedHostPaths to OpenShift SCC

      Goal: Have possibility for some PODs to mount host paths, but limited to specific ones, in best case also limit access type (readOnly/readWrite) - the same as in upstream kubernetes PodSecurityPolicy:

      https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems

       
      I searched Google, our documentation, internal mailing lists, bugzilla and our RFE process and there seems to be no equivalent of AllowedHostPaths in SCC.

      Instead of using hostPath, I recommend the use of local volumes which allow a better level of control: https://docs.openshift.com/container-platform/4.5/storage/persistent_storage/persistent-storage-local.html

      However, at this time, we already had requests from 2 different customers for AllowedHostPaths in SCC.

      Attachments

        Activity

          People

            anachand Anandnatraj Chandramohan (Inactive)
            anachand Anandnatraj Chandramohan (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: