I want to create namespaces in IBM Cloud Private 3.1.1 using the cli. These namespaces need to be associated with pod security policies. I don't see this as a documented capability in the cloudctl commandline.
Asked
Active
Viewed 320 times
2 Answers
1
You can refer to namespace creating in management console. Once you create a new namespace with ibm-privileged-psp, the rolebinding=ibm-privileged-clusterrole-rolebinding will be created in the new namespace. Also you create another new namespace and rolebinding refer to this define with kubectl, the new namespace with your PSP will be enabled in kubectl.
Steve Lee
- 11
- 2
1
You can refer below ICP documentation to add the PSP to a namespace by CLI. https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/user_management/psp_addbind_ns.html
The command likes below:
kubectl -n appsales create rolebinding ibm-anyuid-clusterrole-rolebinding --clusterrole=ibm-anyuid-clusterrole --group=system:serviceaccounts:appsales
Or you can refer below ICP documentation for more details. https://www.ibm.com/support/knowledgecenter/SSBS6K_3.1.1/app_center/nd_helm.html
Happy new year.
AsirXing
- 706
- 6
- 3