Difference between revisions of "OpenShift Notes"
Jump to navigation
Jump to search
| Line 9: | Line 9: | ||
oc get pod --all-namespaces | awk '{print $2 " -n "$1}' | grep -v NAME | while read p ; do echo "======= pod $p" ; oc describe pod $p | grep scc: ; done | oc get pod --all-namespaces | awk '{print $2 " -n "$1}' | grep -v NAME | while read p ; do echo "======= pod $p" ; oc describe pod $p | grep scc: ; done | ||
; only show the interesting containers | ; only show the interesting containers | ||
| − | < | + | <bash> |
oc get pod --all-namespaces | awk '{print $2 " -n "$1}' | grep -v NAME | while read p | oc get pod --all-namespaces | awk '{print $2 " -n "$1}' | grep -v NAME | while read p | ||
do | do | ||
| Line 17: | Line 17: | ||
done | done | ||
done | column -t | done | column -t | ||
| − | </ | + | </bash> |
[[Category:OpenShift]] | [[Category:OpenShift]] | ||
[[Category:V4x]] | [[Category:V4x]] | ||
Revision as of 06:47, 2 April 2021
1 General
This is stuff I don't want to remember and don't want to forget! So I keep it here! BTW: I'm working with OKD current version (4.7)
2 Security
2.1 SCC Review
- Get a list with pods and their assigned scc
oc get pod --all-namespaces | awk '{print $2 " -n "$1}' | grep -v NAME | while read p ; do echo "======= pod $p" ; oc describe pod $p | grep scc: ; done
- only show the interesting containers
<bash> oc get pod --all-namespaces | awk '{print $2 " -n "$1}' | grep -v NAME | while read p do
oc describe pod $p | grep scc: | grep -v ": restricted" | while read perm do echo "$p -> $perm" done
done | column -t </bash>
