PSA: PodSecurity graduated to beta for 1.23, beta admission webhook available now

35 views
Skip to first unread message

Jordan Liggitt

unread,
Nov 4, 2021, 8:59:30 AM11/4/21
to kubernetes-...@googlegroups.com, kubernetes-sig-auth
For those who are interested, the PodSecurity feature has graduated to beta and will be enabled by default in Kubernetes 1.23. You can start a development cluster from kubernetes/kubernetes master to try it out now.

If you want to try the feature on an older cluster, the standalone admission webhook version has also been updated, and is available at https://git.k8s.io/pod-security-admission/webhook. To set up the admission webhook version:

cd pod-security-admission/webhook
make certs
kubectl apply -k .

To remove the webhook once you're done trying it out (or once the cluster is upgraded to a version with the built-in admission plugin enabled), delete the same manifests used to create it:

kubectl delete -k .

As always, early feedback is appreciated. Feel free to jump into #sig-auth slack with questions, or file issues you encounter (tag with `/sig auth`).

Many thanks to all who helped with the definition, implementation, and reviews for this!

Jordan
Reply all
Reply to author
Forward
0 new messages