Aleksandra Fedorova :fedora: on Nostr: So many third-party applications rely on cluster-admin privileges to be deployed to ...
So many third-party applications rely on cluster-admin privileges to be deployed to Kubernetes.
No, your Helm charts must not create new namespaces, they must not require "privileged" security context, they can not rely on the availability of the admin storage API..
The whole point of having a cloud infra is that a regular user of the infrastructure does not need to access the admin layer.
If I have to be admin to deploy an app, the app is not cloud-ready and I'll better deploy it on a vm.
No, your Helm charts must not create new namespaces, they must not require "privileged" security context, they can not rely on the availability of the admin storage API..
The whole point of having a cloud infra is that a regular user of the infrastructure does not need to access the admin layer.
If I have to be admin to deploy an app, the app is not cloud-ready and I'll better deploy it on a vm.