Creating namespaces with pod security policy binding

You can create a namespace and bind it to a pod security policy with the IBM® Cloud Private console and the command line.

Create a namespace with pod security policy binding with the IBM Cloud Private console

Complete the following steps to create a new namespace and bind it to a pod security policy:

1. Log in to your IBM Cloud Private cluster as a cluster administrator.

2. From the navigation menu, click Manage > Namespaces.

3. Click the Create Namespace button.

4. In the Create Namespace dialog box, enter the name of the new namespace.

5. Click the Pod Security drop-down menu and select an existing pod security policy.

6. Click Create.

Using the command line

To create a namespace with pod security policy binding with the command line, complete the following steps:

1. Setup the kubectl command-line.

2. Create a namespace. For example, create a appsales namespace. Run that following command:

    kubectl create namespace appsales
   

3. Bind the ibm-anyuid-psp PodSecurityPolicy to all service accounts in the appsales namespace example. Run the following command:

    kubectl -n appsales create rolebinding ibm-anyuid-clusterrole-rolebinding --clusterrole=ibm-anyuid-clusterrole --group=system:serviceaccounts:appsales
   

A namespace is created with pod security policy bindings.