Class BaselinePodSecurityProvider
java.lang.Object
io.strimzi.plugin.security.profiles.impl.BaselinePodSecurityProvider
- All Implemented Interfaces:
PodSecurityProvider
- Direct Known Subclasses:
RestrictedPodSecurityProvider
The default implementation of the PodSecurityProvider. It implements the Baseline Kubernetes security profile.
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidconfigure(PlatformFeatures platformFeatures) A method called first to initiate the provider.io.fabric8.kubernetes.api.model.PodSecurityContextProvides the Pod security context for the Kafka pods.io.fabric8.kubernetes.api.model.PodSecurityContextProvides the Pod security context for the ZooKeeper pods.Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.strimzi.plugin.security.profiles.PodSecurityProvider
bridgeContainerSecurityContext, bridgeInitContainerSecurityContext, bridgePodSecurityContext, cruiseControlContainerSecurityContext, cruiseControlPodSecurityContext, entityOperatorPodSecurityContext, entityOperatorTlsSidecarContainerSecurityContext, entityTopicOperatorContainerSecurityContext, entityUserOperatorContainerSecurityContext, jmxTransContainerSecurityContext, jmxTransPodSecurityContext, kafkaConnectBuildContainerSecurityContext, kafkaConnectBuildPodSecurityContext, kafkaConnectContainerSecurityContext, kafkaConnectInitContainerSecurityContext, kafkaConnectPodSecurityContext, kafkaContainerSecurityContext, kafkaExporterContainerSecurityContext, kafkaExporterPodSecurityContext, kafkaInitContainerSecurityContext, kafkaMirrorMakerContainerSecurityContext, kafkaMirrorMakerPodSecurityContext, zooKeeperContainerSecurityContext
-
Constructor Details
-
BaselinePodSecurityProvider
public BaselinePodSecurityProvider()
-
-
Method Details
-
configure
Description copied from interface:PodSecurityProviderA method called first to initiate the provider. It is always called before any of the other methods for providing security context are called. This method can be used to preconfigure the provider based on the platform it is running on. But it can also configure the provider based on information from additional sources (for example environment variables).- Specified by:
configurein interfacePodSecurityProvider- Parameters:
platformFeatures- Describes the platform we are running on and the features it provides
-
zooKeeperPodSecurityContext
public io.fabric8.kubernetes.api.model.PodSecurityContext zooKeeperPodSecurityContext(PodSecurityProviderContext context) Description copied from interface:PodSecurityProviderProvides the Pod security context for the ZooKeeper pods. The default implementation just returns the security context configured by the user in the template section or null (no Pod security context).- Specified by:
zooKeeperPodSecurityContextin interfacePodSecurityProvider- Parameters:
context- Provides the context which can be used to generate the Pod security context- Returns:
- Pod security context which will be set for the ZooKeeper pods
-
kafkaPodSecurityContext
public io.fabric8.kubernetes.api.model.PodSecurityContext kafkaPodSecurityContext(PodSecurityProviderContext context) Description copied from interface:PodSecurityProviderProvides the Pod security context for the Kafka pods. The default implementation just returns the security context configured by the user in the template section or null (no Pod security context).- Specified by:
kafkaPodSecurityContextin interfacePodSecurityProvider- Parameters:
context- Provides the context which can be used to generate the Pod security context- Returns:
- Pod security context which will be set for the Kafka pods
-