# general
a
This message was deleted.
c
Because the apiserver generally does not run as a pod in the cluster?
Or when it does it usually runs with host network, so you need to allow the node IP
n
@creamy-pencil-82913 I'm not sure I understand the nuance of what you're saying. The `kube-apiserver` entity does not specifically refer to a pod, or being inside the cluster. It just says:
> The kube-apiserver entity represents the kube-apiserver in a Kubernetes cluster. This entity represents both deployments of the kube-apiserver: within the cluster and outside of the cluster.
c
I suspect that using the kube-apiserver entity as the source in the policy was found to not work properly in some environments, otherwise we would have suggested that instead. I’m not sure though. Feel free to open an issue, I can see if someone on the team responsible for that component can comment.
n
Hi @creamy-pencil-82913, I opened an issue to clarify the matter and would be grateful if someone could take a look at it. Thanks, your help is much appreciated. https://github.com/rancher/rancher/issues/46051
Hi @creamy-pencil-82913, I'm still looking into this. Would it still be possible to get someone on the team to comment?