[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More 1.8 docs #643

Merged
merged 18 commits into from
Oct 11, 2022
Merged

More 1.8 docs #643

Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
0ee33ba
add initial docs for YAML manifest validation
chipzoller Sep 18, 2022
f4aee9f
Merge branch 'main' into main
chipzoller Oct 6, 2022
3f7cea9
Merge branch 'kyverno:main' into main
chipzoller Oct 8, 2022
e384b90
add podSecurity docs
chipzoller Oct 8, 2022
4519702
add deprecation note to splitPolicyReport
chipzoller Oct 10, 2022
0af90ed
add container flags
chipzoller Oct 10, 2022
4c58a57
address podSecurity comments
chipzoller Oct 10, 2022
aa68c48
Remove unneeded note about annotation secrets
chipzoller Oct 10, 2022
1977a84
Merge branch 'kyverno:main' into main
chipzoller Oct 10, 2022
4f58bdc
catch up on all container flags
chipzoller Oct 10, 2022
ebff3fe
Kyverno compat update
chipzoller Oct 10, 2022
d7f9f47
update docs on aggregated clusterrole
chipzoller Oct 10, 2022
cca26f4
add OpenTelemetry docs from PR 546
chipzoller Oct 11, 2022
cb24eac
incorporate generate CLI docs from PR 603
chipzoller Oct 11, 2022
119bca2
correct auto-gen behavior for JSON patch mutations
chipzoller Oct 11, 2022
0e01f0b
fix match example
chipzoller Oct 11, 2022
0f3e6e7
add docs on cloning multiple resources
chipzoller Oct 11, 2022
1aadb39
add x509_decode docs
chipzoller Oct 11, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
add container flags 
Signed-off-by: Chip Zoller <chipzoller@gmail.com>
  • Loading branch information
@chipzoller
chipzoller committed Oct 10, 2022
commit 0af90edff4c7bf036727d6ea62ed38d98ceadf8e
6 changes: 4 additions & 2 deletions content/en/docs/Installation/_index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -457,11 +457,13 @@ The following flags can also be used to control the advanced behavior of Kyverno
13. `clientRateLimitQPS`: configure the maximum QPS to the control plane from Kyverno. Uses the client default if zero. Example: `20`
14. `clientRateLimitBurst`: configure the maximum burst for throttling. Uses the client default if zero. Example: `50`
15. `webhookTimeout`: specifies the timeout for webhooks. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds, defaults to 10s.
16. `autogenInternals`: New in Kyverno 1.7.0, this flag activates the (currently beta) [auto-generate](/docs/writing-policies/autogen/) rule calculation to not write to the `.spec` field of Kyverno policies. This is under construction and the behavior will change in the future. Set to `false` by default. Set to `true` to activate this ability.
16. `autogenInternals`: activates the [auto-generate](/docs/writing-policies/autogen/) rule calculation to not write to the `.spec` field of Kyverno policies. Set to `true` by default. Set to `false` to disable this ability.
17. `maxQueuedEvents`: defines the upper limit of events that are queued internally. Value is an integer.
18. `maxReportChangeRequests`: defines the number of RCRs that can be created in a given Namespace. When this threshold is reached, no further RCRs will be created and Kyverno will begin to start the clean-up process. This flag should be used when there is high churn rate in a cluster leading to PolicyReport exhaustion and excessive memory growth. Value is an integer.
19. `splitPolicyReport`: splits ClusterPolicyReports and PolicyReports into individual reports per policy rather than a single entity per cluster and per Namespace. Useful when having Namespaces with many resources which apply to policies. Value is boolean. Deprecated in 1.8 and will be removed in 1.9.
20. `kubeconfig`: specifies the Kubeconfig file to be used when overriding the API server to which Kyverno should communicate.
20. `protectManagedResources`: protects the Kyverno resources from being altered by anyone other than the Kyverno Service Account. Defaults to `false`. Set to `true` to enable.
21. `kubeconfig`: specifies the Kubeconfig file to be used when overriding the API server to which Kyverno should communicate.
22. `serverIP`: Like the `kubeconfig` flag, used when running Kyverno outside of the cluster which it serves.

### Policy Report access

Expand Down