Why is my PodSecurityPolicy applied even if I don't have access?
问题 I have two PodSecurityPolicy: 000-privileged (only kube-system service accounts and admin users) 100-restricted (everything else) I have a problem with their assignment to pods. First policy binding: kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: psp:privileged rules: - apiGroups: - extensions resources: - podsecuritypolicies resourceNames: - 000-privileged verbs: - use --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: psp:privileged