Skip to content
This repository has been archived by the owner on Oct 29, 2021. It is now read-only.

Latest commit

 

History

History
55 lines (42 loc) · 2.54 KB

File metadata and controls

55 lines (42 loc) · 2.54 KB

[LAB] microk8s with pod security policies

Introduction

This laboratory is developed to have a first contact with the Pod Security Policies locally using microk8s.

LAB assumptions and requirements

This lab assumes you have basic knowledge about kubernetes, RBAC and basic linux commands and concepts. As a requirement, you must have installed (default installation) microk8s on your linux PC. Then enable the dns microk8s plugin: microk8s.enable dns.

To check that microk8s is running correctly, execute the following command, you should have an output like the one shown below:

$ sudo microk8s.inspect
Inspecting services
  Service snap.microk8s.daemon-docker is running
  Service snap.microk8s.daemon-apiserver is running
  Service snap.microk8s.daemon-proxy is running
  Service snap.microk8s.daemon-kubelet is running
  Service snap.microk8s.daemon-scheduler is running
  Service snap.microk8s.daemon-controller-manager is running
  Service snap.microk8s.daemon-etcd is running
  Copy service arguments to the final report tarball
Inspecting AppArmor configuration
Gathering system info
  Copy network configuration to the final report tarball
  Copy processes list to the final report tarball
  Copy snap list to the final report tarball
  Inspect kubernetes cluster

Building the report tarball
  Report tarball is at /var/snap/microk8s/383/inspection-report-20190123_110858.tar.gz

Guide

Notes

This is a laboratory and therefore may not function properly. It is designed to show the capabilities offered by pod security policies. Following this laboratory is enough to know at a high level the functionality of them.

Based on