-
Notifications
You must be signed in to change notification settings - Fork 306
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question]Pod security policy deprecation #2077
Comments
Hi mo-saeed, AKS bot here 👋 I might be just a bot, but I'm told my suggestions are normally quite good, as such:
|
Triage required from @Azure/aks-pm |
Action required from @Azure/aks-pm |
@ruchikaguptaa, @az-policy-kube would you be able to assist? Issue DetailsHi Guys, in here it's written that pod security policy will not be longer available after May 31st but based on Kubernetes up-stream kubernetes/enhancements#5 (comment) PSP will be removed in kubernetes 1.25 so the question is, will PSP in AKS still usable after May 31st and till 1.25 release? Thanks
|
@az-policy-kube would you be able to assist? |
@mo-saeed we will be pushing the deprecation date to 06.30.2021. So you can continue to use PSP until that date. After that you will need to use Azure Policy. I am in the process of updating the document to reflect that date as well. |
@miwithro Thank you for your reply but that doesn't answer my question, even if AKS deprecates PSP will we still be able to use it in our cluster till it's deprecated in the upstream? |
No you will not. |
@miwithro can you clarify on this please: How do I need to understand this: I was in a discussion with the Azure Support and I understood it will stop working only after upgrade to specific Kubernetes version or newly created cluster. |
Hello, After pod security policy (preview) is deprecated, you must disable the feature on any existing clusters using the deprecated feature to perform future cluster upgrades and stay within Azure support. So in short, they can continue to use as long as they don’t upgrade. |
Thank you for the clarification. |
Action required from @Azure/aks-pm |
We have updated our guidance around Pod Security Policies: Pod security policy (preview), will begin deprecation with Kubernetes version 1.21, with its removal in version 1.25. As Kubernetes Upstream approaches that milestone, the Kubernetes community will be working to document viable alternatives. The previous deprecation announcement was made at the time as there was not a viable option for customers. Now that the Kubernetes community is working on an alternative, there no longer is a pressing need to deprecate ahead of Kubernetes. https://docs.microsoft.com/en-us/azure/aks/use-pod-security-policies |
Thanks for reaching out. I'm closing this issue as it was marked with "Answer Provided" and it hasn't had activity for 2 days. |
Hi Guys,
in here it's written that pod security policy will not be longer available after May 31st but based on Kubernetes up-stream kubernetes/enhancements#5 (comment) PSP will be removed in kubernetes 1.25 so the question is, will PSP in AKS still usable after May 31st and till 1.25 release?
Thanks
The text was updated successfully, but these errors were encountered: