diff options
author | Kiran Kamineni <kiran.k.kamineni@intel.com> | 2019-08-20 22:56:28 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-08-20 22:56:28 +0000 |
commit | 644c005d9f434ec5400e8f74b7456dfc419f74b0 (patch) | |
tree | 048ba354d39412da87c43c760b606f688aaa52bf /deployments/helm/servicemesh/metallb/templates/psp.yaml | |
parent | 177d3560420953f7cd0dcecfc2b2701ac44244da (diff) | |
parent | 00aef564fd76691a99de65d11e3632506a0c6d36 (diff) |
Merge "Adding Helm charts of MetalLB"
Diffstat (limited to 'deployments/helm/servicemesh/metallb/templates/psp.yaml')
-rw-r--r-- | deployments/helm/servicemesh/metallb/templates/psp.yaml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/deployments/helm/servicemesh/metallb/templates/psp.yaml b/deployments/helm/servicemesh/metallb/templates/psp.yaml new file mode 100644 index 00000000..891aeb60 --- /dev/null +++ b/deployments/helm/servicemesh/metallb/templates/psp.yaml @@ -0,0 +1,33 @@ +{{- if .Values.psp.create -}} + +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "metallb.fullname" . }}-speaker + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +spec: + hostNetwork: true + hostPorts: + - min: 7472 + max: 7472 + privileged: true + allowPrivilegeEscalation: false + allowedCapabilities: + - 'NET_ADMIN' + - 'NET_RAW' + - 'SYS_ADMIN' + volumes: + - '*' + fsGroup: + rule: RunAsAny + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny +{{- end -}} |