mirror of https://github.com/linkerd/linkerd2.git
2528e3d62d
`linkerd check` validates whether PSP's exist, and if the caller has the `NET_ADMIN` capability. This check was previously failing if `NET_ADMIN` was not found, even in the case where the PSP admission controller was not running. Related, `linkerd install` now includes a PSP, so `linkerd check` should also validate that the caller can create PSP's. Modify the `NET_ADMIN` check to warn, but not fail, if PSP's are found but the caller does not have `NET_ADMIN`. Update the warning message to mention that this is only a problem if the PSP admission controller is running (and will only be a problem during injection, since #2920 handles control plane installation by adding its own PSP). Also introduce a check to validate the caller can create PSP's. Fixes #2884, #2849 Signed-off-by: Andrew Seigner <siggy@buoyant.io> |
||
|---|---|---|
| .. | ||
| addr | ||
| admin | ||
| config | ||
| filesonly | ||
| flags | ||
| healthcheck | ||
| identity | ||
| inject | ||
| k8s | ||
| profiles | ||
| prometheus | ||
| tls | ||
| util | ||
| version | ||