No description
| api-deployment.yaml | ||
| api-ingress.yaml | ||
| api-service.yaml | ||
| instalaEjemplo.sh | ||
| instalaKyverno.sh | ||
| namespace.yaml | ||
| policy-deployment.yaml | ||
| policy-namespace.yaml | ||
| policy-service.yaml | ||
| README.md | ||
| ui-deploymen.yaml | ||
| ui-service.yaml | ||
Kyverno
Instalar Kyverno
Lanzar la shell
instalaKyverno.sh
Ejemplos
Lanzar la shell
instalaEjemplo.sh
Proteger todos los namespaces
kubectl create -f policy-namespace.yaml
Probar configuración
kubectl --dry-run=server delete ns test
lo de
--dry-run=serveres para probar pero sin hacer nada realmente
Resultado:
Error from server: admission webhook "validate.kyverno.svc-fail" denied the request:
resource Namespace//test was blocked due to the following policies
block-ns-updates-deletes:
block-updates-deletes: This resource is protected and changes are not allowed. Please
seek a cluster-admin.