Red Hat Training

A Red Hat training course is available for OpenShift Container Platform

32.4. 为自定义Seccomp 配置集配置 OpenShift Container Platform

确保集群中的 pod 使用自定义配置集运行:

  1. seccomp-profile-root 中创建 seccomp 配置集。

  2. 配置 seccomp-profile-root

    kubeletArguments:
  seccomp-profile-root:
    - "/your/path"

  3. 重启节点服务以应用更改: 

    # systemctl restart atomic-openshift-node

  4. 配置 SCC: 

    seccompProfiles:
- localhost/<profile-name>