...
Code Block | ||
---|---|---|
| ||
kubectl apply -f dangerous-pod.yaml |
Docker for Desktop Setup - Doesn't Work
Enabling Pod Security Policies in Docker for Desktop
Code Block | ||
---|---|---|
| ||
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh |
Code Block |
---|
Unable to find image 'debian:latest' locally
latest: Pulling from library/debian
172730635f67: Pull complete
Digest: sha256:e538a2f0566efc44db21503277c7312a142f4d0dedc5d2886932b92626104bff
Status: Downloaded newer image for debian:latest
/ #
/ #
/ # vi /etc/kubernetes/manifests/kube-apiserver.yaml |
Code Block |
---|
apiVersion: v1
kind: Pod
metadata:
annotations:
kubeadm.kubernetes.io/kube-apiserver.advertise-address.endpoint: 192.168.65.
creationTimestamp: null
labels:
component: kube-apiserver
tier: control-plane
name: kube-apiserver
namespace: kube-system
spec:
containers:
- command:
- kube-apiserver
- --advertise-address=192.168.65.4
- --allow-privileged=true
- --authorization-mode=Node,RBAC
- --client-ca-file=/run/config/pki/ca.crt
- --enable-admission-plugins=NodeRestriction,PodSecurityPolicy |
Restart Docker for DesktopYou should notice that it doesn't deploy. Now test some other installations and see what needs to be done to bypass.
References
Reference | URL |
---|---|
Using Minikube with Pod Security Policies | https://minikube.sigs.k8s.io/docs/tutorials/using_psp/ |
How to run a Minikube on Apple Silicon M1 | https://medium.com/@seohee.sophie.kwon/how-to-run-a-minikube-on-apple-silicon-m1-8373c248d669 |