How to restrict node information like memory info, cpu info and block devices info from application pods?

Solution Verified - Updated -

Issue

  • If one does an rsh inside an application pod and tries to execute commands like lsblk, free,lscpu, it is observed that the output of those commands shows the info of the node on which the pod is scheduled and the user is able to view the same.
  • Can one restrict the user from viewing this node information from application pods?

Environment

  • Red Hat OpenShift Container Platform (OCP)
    • 3.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content