Node Tuning Operator on Openshift Container Platform
Node Tuning Operator
The Operator manages the containerized Tuned daemon for OpenShift as a Kubernetes DaemonSet.
It ensures custom tuning specification is passed to all containerized Tuned daemons running in the cluster in the format that the daemon...
Posted on September 17th, 2020
Audit Policy
It is a policy which allows events to to logged/recorded in the way we want.
The granularity can be defined in the policy definition for various resource types and could be namespaced as well.
Each event can be classified into the following stages:...
Posted on September 17th, 2020
Admission Controllers , Dynamic Webhooks and OPA Gatekeeper
This is a piece of software which intercepts all requests going to the kube-apiserver
after the request has been authorized and authenticated, but before the requested objects have persisted in the cluster.
To enable admission Controllers, we use th...
Posted on September 16th, 2020
Kubernetes Pod Security Policies and Openshift Security Context Constraints
The motivation for PSP is to being able to restrict or permit creation/deletion of K8s objects within a Cluster or a given Namespace.
The allowance of any creation is governed by the Admission Controller setting on the kube-apiserver. This can be see...
Posted on September 16th, 2020