Merge "Add ovn4nfv addon helm chart"

2 files changed, 20 insertions, 0 deletions

diff --git a/kud/hosting_providers/containerized/inventory/group_vars/k8s-cluster.yml b/kud/hosting_providers/containerized/inventory/group_vars/k8s-cluster.yml
index 30e8bc42..7d0404a5 100644
--- a/kud/hosting_providers/containerized/inventory/group_vars/k8s-cluster.yml
+++ b/kud/hosting_providers/containerized/inventory/group_vars/k8s-cluster.yml
@@ -87,10 +87,20 @@ podsecuritypolicy_enabled: true
 #   allowedCapabilities:
 #     - '*'
 # by
+#  allowedCapabilities:
+#    - NET_ADMIN
+#    - SYS_ADMIN
+#    - SYS_NICE
+#    - SYS_PTRACE
 #   requiredDropCapabilities:
 #    - NET_RAW
 podsecuritypolicy_restricted_spec:
   privileged: true
+  allowedCapabilities:
+    - NET_ADMIN
+    - SYS_ADMIN
+    - SYS_NICE
+    - SYS_PTRACE
   allowPrivilegeEscalation: true
   volumes:
     - '*'
diff --git a/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml b/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml
index 8d4795be..7803f27a 100644
--- a/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml
+++ b/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml
@@ -84,10 +84,20 @@ podsecuritypolicy_enabled: true
 #   allowedCapabilities:
 #     - '*'
 # by
+#  allowedCapabilities:
+#    - NET_ADMIN
+#    - SYS_ADMIN
+#    - SYS_NICE
+#    - SYS_PTRACE
 #   requiredDropCapabilities:
 #    - NET_RAW
 podsecuritypolicy_restricted_spec:
   privileged: true
+  allowedCapabilities:
+    - NET_ADMIN
+    - SYS_ADMIN
+    - SYS_NICE
+    - SYS_PTRACE
   allowPrivilegeEscalation: true
   volumes:
     - '*'