检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
beta.kubernetes.io/os 表示节点的操作系统 例如:linux,表示Linux操作系统 kubernetes.io/availablezone 表示节点所在区域的可用区 kubernetes.io/hostname 表示节点主机名称 os.architecture 表示节点处理器架构
metadata: name: repo-is-openpolicyagent spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] namespaces: - "default"
K8sPSPProcMount metadata: name: psp-proc-mount spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: procMount: Default
K8sExternalIPs metadata: name: external-ips spec: match: kinds: - apiGroups: [""] kinds: ["Service"] parameters: allowedIPs:
metadata: name: psp-forbidden-sysctls spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: forbiddenSysctls:
metadata: name: psp-privileged-container spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] excludedNamespaces: ["kube-system"]
psp-automount-serviceaccount-token-pod spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] excludedNamespaces: ["kube-system"]
K8sPSPFSGroup metadata: name: psp-fsgroup spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: rule: "MayRunAs"
metadata: name: all-must-have-owner spec: match: kinds: - apiGroups: [""] kinds: ["Namespace"] parameters: message: "All
K8sReplicaLimits metadata: name: replica-limits spec: match: kinds: - apiGroups: ["apps"] kinds: ["Deployment"] parameters: ranges:
name: container-must-have-requests spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: cpu: "200m"
container-image-must-not-have-latest-tag spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] namespaces: - "default"
metadata: name: psp-flexvolume-drivers spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: allowedFlexVolumes:
K8sPSPAppArmor metadata: name: psp-apparmor spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: allowedProfiles:
metadata: name: psp-host-filesystem spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: allowedHostPaths:
quests-memory-limits-and-requests spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: limits: -
K8sPSPSELinuxV2 metadata: name: psp-selinux-v2 spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: allowedSELinuxOptions:
metadata: name: must-have-probes spec: match: kinds: - apiGroups: [""] kinds: ["Pod"] parameters: probes: ["readinessProbe"
算、网络、存储等资源划分成多个集群。一个Region中的多个AZ间通过高速光纤相连,以满足用户跨AZ构建高可用性系统的需求。 项目 区域默认对应一个项目,这个项目由系统预置,用来隔离物理区域间的资源(计算资源、存储资源和网络资源),以默认项目为单位进行授权,用户可以访问您账号中该
VPN网关 互联子网 用于VPN网关和VPC通信,不能和VPC已有子网重叠 10.188.2.0/24 EIP地址 EIP地址在购买EIP时由系统自动生成,无需填写,VPN网关默认使用2个EIP。本示例假设EIP地址生成如下: 主EIP:11.xx.xx.11 备EIP:11.xx.xx
长按/截图保存,微信识别二维码
或者关注公众号“华为云”
