mirror of
https://github.com/rancher/rancher-docs.git
synced 2026-05-04 12:13:19 +00:00
Billy Tat
1.9 KiB
1.9 KiB
title, weight
| title | weight |
|---|---|
| Pod Security Policies | 5600 |
These cluster options are only available for clusters in which Rancher has launched Kubernetes.
You can always assign a pod security policy (PSP) to an existing project if you didn't assign one during creation.
Prerequisites
- Create a Pod Security Policy within Rancher. Before you can assign a default PSP to an existing project, you must have a PSP available for assignment. For instruction, see Creating Pod Security Policies.
- Assign a default Pod Security Policy to the project's cluster. You can't assign a PSP to a project until one is already applied to the cluster. For more information, see the documentation about adding a pod security policy to a cluster.
Applying a Pod Security Policy
- In the upper left corner, click ☰ > Cluster Management.
- On the Clusters page, go to the cluster where you want to move a namespace and click Explore.
- Click Cluster > Projects/Namespaces.
- Find the project that you want to add a PSP to. From that project, select ⋮ > Edit Config.
- From the Pod Security Policy drop-down, select the PSP you want to apply to the project. Assigning a PSP to a project will:
- Override the cluster's default PSP.
- Apply the PSP to the project.
- Apply the PSP to any namespaces you add to the project later.
- Click Save.
Result: The PSP is applied to the project and any namespaces added to the project.
Note: Any workloads that are already running in a cluster or project before a PSP is assigned will not be checked to determine if they comply with the PSP. Workloads would need to be cloned or upgraded to see if they pass the PSP.