How to restrict node information like memory info, cpu info and block devices info from application pods?
Issue
- If one does an
rsh
inside an application pod and tries to execute commands likelsblk
,free
,lscpu
, it is observed that the output of those commands shows the info of the node on which the pod is scheduled and the user is able to view the same. - Can one restrict the user from viewing this node information from application pods?
Environment
- Red Hat OpenShift Container Platform (OCP)
- 3.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.