sigs.k8s.io/seccomp-operator@v0.1.0/README.md

sigs.k8s.io/seccomp-operator@v0.1.0/README.md (about)

     1  # Kubernetes Seccomp Operator
     2  
     3  This project is the starting point for the _Seccomp Operator_, an out-of-tree
     4  Kubernetes enhancement which aims to make managing and applying seccomp profiles
     5  more easy and straight forward in Kubernetes.
     6  
     7  - [Testgrid Dashboard](https://testgrid.k8s.io/sig-node-seccomp-operator)
     8  - [Installation and Usage](installation-usage.md)
     9  - [Container Images](https://console.cloud.google.com/gcr/images/k8s-staging-seccomp-operator/GLOBAL/seccomp-operator)
    10  
    11  ## About
    12  
    13  The motivation behind the project can be found in the corresponding [RFC][0].
    14  
    15  [0]: RFC.md
    16  
    17  Related Kubernetes Enhancement Proposals (KEPs) which have direct influence on
    18  this project:
    19  
    20  - [Promote seccomp to GA][1]
    21  - [Add ConfigMap support for seccomp custom profiles][2]
    22  - [Add KEP to create seccomp built-in profiles and add complain mode][3]
    23  
    24  Next to those KEPs, here are existing approaches for security profiles in
    25  the Kubernetes world:
    26  
    27  - [AppArmor Loader][4]
    28  - [OpenShift's Machine config operator, in charge of file management and security profiles on hosts][5]
    29  - [seccomp-config][6]
    30  
    31  [1]: https://github.com/kubernetes/enhancements/pull/1148
    32  [2]: https://github.com/kubernetes/enhancements/pull/1269
    33  [3]: https://github.com/kubernetes/enhancements/pull/1257
    34  [4]: https://github.com/kubernetes/kubernetes/tree/c30da3839c8e13fdff59ef5115e982362b2c90ed/test/images/apparmor-loader
    35  [5]: https://github.com/openshift/machine-config-operator/tree/master/docs
    36  [6]: https://github.com/UKHomeOffice/seccomp-config
    37  
    38  The project tries to not overlap with those existing implementations to provide
    39  valuable additions in a more secure Kubernetes context. We created a [MindMup
    40  Mind-Map][7] to get a better feeling about the current situation around the
    41  operator and seccomp support in Kubernetes in general:
    42  
    43  ![mind-map](.github/mindmap.svg)
    44  
    45  [7]: https://app.mindmup.com
    46  
    47  ## Community, discussion, contribution, and support
    48  
    49  Learn how to engage with the Kubernetes community on the [community
    50  page](http://kubernetes.io/community/).
    51  
    52  You can reach the maintainers of this project at:
    53  
    54  - [Slack #seccomp-operator](https://app.slack.com/client/T09NY5SBT/C013FQNB0A2)
    55  - [Mailing List](https://groups.google.com/forum/#!forum/kubernetes-dev)
    56  
    57  ### Code of conduct
    58  
    59  Participation in the Kubernetes community is governed by the [Kubernetes Code of
    60  Conduct](code-of-conduct.md).
    61  
    62  [owners]: https://git.k8s.io/community/contributors/guide/owners.md
    63  [creative commons 4.0]: https://git.k8s.io/website/LICENSE