Creating namespaces with pod security policy binding
You can create a namespace and bind it to a pod security policy with the IBM® Cloud Private console and the command line.
Create a namespace with pod security policy binding with the IBM Cloud Private console
Complete the following steps to create a new namespace and bind it to a pod security policy:
-
Log in to your IBM Cloud Private cluster as a cluster administrator.
-
From the navigation menu, click Manage > Namespaces.
-
Click the Create Namespace button.
-
In the Create Namespace dialog box, enter the name of the new namespace.
-
Click the Pod Security drop-down menu and select an existing pod security policy.
-
Click Create.
Using the command line
To create a namespace with pod security policy binding with the command line, complete the following steps:
-
Create a namespace. For example, create a
appsales
namespace. Run that following command:kubectl create namespace appsales
-
Bind the
ibm-anyuid-psp
PodSecurityPolicy to all service accounts in theappsales
namespace example. Run the following command:kubectl -n appsales create rolebinding ibm-anyuid-clusterrole-rolebinding --clusterrole=ibm-anyuid-clusterrole --group=system:serviceaccounts:appsales
A namespace is created with pod security policy bindings.