Pod Security Policies (PSP) are used on Kubernetes clusters to enable granular authorization of pod creation and to control security aspects of pods. PodSecurityPolicy objects define the conditions for a pod to be accepted into the cluster and run as expected.
In this section, we will cover the creation and configuration of PSPs on Kubernetes.
Make sure you have an RBAC-enabled Kubernetes cluster ready (since Kubernetes 1.6, RBAC is enabled by default) and kubectl and helm configured to manage the cluster resources.
Clone the k8sdevopscookbook/src repository to your workstation to use the manifest files in the chapter9 directory, as follows:
$ git clone https://github.com/k8sdevopscookbook/src.git
$ cd src/chapter9/psp
Check whether PodSecurityPolicy needs to be enabled on your cluster by running the kubectl get psp command. If you get a message stating that the server doesn't have a resource type "podSecurityPolicies", then PSP...