Enabling PodSecurityPolicies

Now, let's try this with a cluster that can utilize PodSecurityPolicies. If you are using GKE, it is quite easy to create a cluster with PodSecurityPolicy enabled. Note you will need the Beta APIs enabled for this:

$ gcloud beta container clusters create [Cluster Name] --enable-pod-security-policy --zone=[Zone To Deply Cluster]
If you have an existing GKE cluster, you can enable it with a command similar to the preceding one. Simply replace the create keyword with update. For clusters created with kube-up, like we saw in Chapter 1, Introduction to Kubernetes, you'll need to enable the admission controller on the API server. Take a look here for more information: https://kubernetes.io/docs/concepts/policy/pod-security-policy/#enabling-pod-security-policies ...

Get Getting Started with Kubernetes - Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.