diff options
Diffstat (limited to 'kud/hosting_providers/vagrant')
-rw-r--r-- | kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml | 10 | ||||
-rwxr-xr-x | kud/hosting_providers/vagrant/setup.sh | 3 |
2 files changed, 11 insertions, 2 deletions
diff --git a/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml b/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml index 8d4795be..7803f27a 100644 --- a/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml +++ b/kud/hosting_providers/vagrant/inventory/group_vars/k8s-cluster.yml @@ -84,10 +84,20 @@ podsecuritypolicy_enabled: true # allowedCapabilities: # - '*' # by +# allowedCapabilities: +# - NET_ADMIN +# - SYS_ADMIN +# - SYS_NICE +# - SYS_PTRACE # requiredDropCapabilities: # - NET_RAW podsecuritypolicy_restricted_spec: privileged: true + allowedCapabilities: + - NET_ADMIN + - SYS_ADMIN + - SYS_NICE + - SYS_PTRACE allowPrivilegeEscalation: true volumes: - '*' diff --git a/kud/hosting_providers/vagrant/setup.sh b/kud/hosting_providers/vagrant/setup.sh index db6a732c..7251872a 100755 --- a/kud/hosting_providers/vagrant/setup.sh +++ b/kud/hosting_providers/vagrant/setup.sh @@ -11,7 +11,7 @@ set -o nounset set -o pipefail -vagrant_version=2.2.4 +vagrant_version=2.2.14 if ! vagrant version &>/dev/null; then enable_vagrant_install=true else @@ -94,7 +94,6 @@ case ${ID,,} in ;; ubuntu|debian) - libvirt_group="libvirtd" INSTALLER_CMD="sudo -H -E apt-get -y -q=3 install" packages+=(python-dev) |