Salt scripts for provisioning Kubernetes
No description set
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout devel:CaaSP:Head:ControllerNode/kubernetes-salt && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| _link | 0000000124 124 Bytes | |
| _service | 0000000614 614 Bytes | |
| kubernetes-salt.changes | 0000181232 177 KB | |
| kubernetes-salt.spec | 0000003047 2.98 KB | |
| master.tar.gz | 0000185078 181 KB |
Revision 360 (latest revision is 377)
Containers Team (containersteam)
committed
(revision 360)
new commit from concourse: Commit 8baefd4 by Panos Georgiadis drpaneas@gmail.com Run flannel in unprivileged mode (bsc#1121153 bsc#1121154) Fixes bsc#1121153 - High Security issue for Kubernetes: Flannel container runs in privileged mode This fix makes sure that flannel runs in unprivileged mode. This is done by changing the flannel manifests and also adding a new PSP policy that disables both privilege mode and privilege escallation. The new PSP activates 'NET_ADMIN' capability, hostNetwork and allowedHostPaths. _service kubernetes-salt.changes kubernetes-salt.spec master.tar.gz Fixes bsc#1121154 - High Security issue for Kubernetes: Flannel container has read/write access to /run, including docker.sock Change the path from '/run' into '/run/flannel' Co-authored-by: chentex <vzepedamas@suse.com> (cherry picked from commit 8216c9ce691c8174eb2fcd66a1a2fecc446ee106)
Comments 0