![]() ![]() ![]() When using the annotations method, you should redeploy the Pods or services after saving the changes to the configuration files by using the kubectl apply command. Navigate to metadata: > annotations. If annotations: does not exist, create an annotations: section underneath metadata.Apply the change using kubectl commands.The following Illumio label key fields can be under the annotations: section. Navigate to spec: > template: > metadata: > annotations. If annotations: does not exist, create an annotations: section underneath metadata.Edit the deployment configuration file:.To manually annotate the different resources created in a Kubernetes namespace or OpenShift project, use the steps described in the sections below. Regardless of how you assign labels, it is not required for Pods or services to have all labels in order for the PCE to manage them. This security mechanism ensures that a malicious actor cannot spoof labels and get a preferential security policy based on a different scope. If there is a conflict between a label assigned via the Container Workload Profile and the annotations in the deployment configuration, the label from the Container Workload Profile will override the deployment configuration file. If there is a label which is not assigned, then you can insert annotations in the deployment configuration (or application configuration) to assign labels. When assigning labels, you can assign no labels, some labels, or all labels to the namespace. ![]()
0 Comments
Leave a Reply. |