This message was deleted Rancher Users #general

Join Slack

This message was deleted.

# general

adamant-kite-43734

05/05/2023, 7:22 PM

This message was deleted.

brainy-printer-12087

05/08/2023, 9:40 AM

you can either not allow the deployment by project/namespace or simply hide system namespaces from the preferences

brainy-printer-12087

05/08/2023, 9:41 AM

in the latest version I’ve filtered out them pretty much like on the top

hundreds-evening-84071

05/08/2023, 10:04 PM

sorry - a newbie follow up question... do you have an example on where I can set the same filter(s)?

brainy-printer-12087

05/09/2023, 7:52 AM

If is a single user case and you can simply hint to disable it, hide the system namespaces is the easiest way

brainy-printer-12087

05/09/2023, 7:55 AM

if instead you are configuring the users, you can sets some restrictions in the namespace or in the cluster, depends by yours needs

hundreds-evening-84071

05/09/2023, 6:49 PM

Thank you!

acoustic-sugar-94270

05/09/2023, 6:53 PM

Maybe late to the party… But since you are checking out NeuVector, yes, you can set admission control filters to block deployments to specific namespaces..

acoustic-sugar-94270

05/09/2023, 6:55 PM

The “monitor” mode won’t block the image, but will report that it was violating the admission control rule… In “protect” mode, the image will not be allowed to schedule in the cluster (blocked)

👏 1

hundreds-evening-84071

05/09/2023, 7:03 PM

this is fantastic! I did try above filter with default namespace. For setting same filter on kube-system and cattle-system would it still allow future kubernetes upgrades which would update things in kube-system?

4 Views

Open in Slack

Previous Next