From 00aef564fd76691a99de65d11e3632506a0c6d36 Mon Sep 17 00:00:00 2001 From: Pramod Date: Wed, 14 Aug 2019 11:25:56 -0700 Subject: Adding Helm charts of MetalLB MetalLB is the loadbalancer for Kubernetes Issue-ID: MULTICLOUD-747 Signed-off-by: Pramod Change-Id: Ic07877234f9b0f80cb636f7b4e3c265b8be8a945 --- .../helm/servicemesh/metallb/templates/psp.yaml | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 deployments/helm/servicemesh/metallb/templates/psp.yaml (limited to 'deployments/helm/servicemesh/metallb/templates/psp.yaml') diff --git a/deployments/helm/servicemesh/metallb/templates/psp.yaml b/deployments/helm/servicemesh/metallb/templates/psp.yaml new file mode 100644 index 00000000..891aeb60 --- /dev/null +++ b/deployments/helm/servicemesh/metallb/templates/psp.yaml @@ -0,0 +1,33 @@ +{{- if .Values.psp.create -}} + +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "metallb.fullname" . }}-speaker + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +spec: + hostNetwork: true + hostPorts: + - min: 7472 + max: 7472 + privileged: true + allowPrivilegeEscalation: false + allowedCapabilities: + - 'NET_ADMIN' + - 'NET_RAW' + - 'SYS_ADMIN' + volumes: + - '*' + fsGroup: + rule: RunAsAny + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny +{{- end -}} -- cgit 1.2.3-korg