You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -340,7 +340,7 @@ When you deploy to Kubernetes, the container must be granted the `CHECKPOINT_RES
==== Red Hat OpenShift security context constraints
To deploy applications to Red Hat OpenShift with InstantOn, you must specify a security context constraint (SCC) that at a minimum grants the capabilities to the defaults that are needed for InstantOn. The following example defines an SCC with these capabilities that is called `defaultAddCapabilities`:
To deploy applications to Red Hat OpenShift with InstantOn, you must specify a security context constraint (SCC) that at a minimum specifies a list of additional capabilities that are added to any pod. The following SSC yaml file example defines an SCC with the required capabilities by using the `defaultAddCapabilities` parameter :
[source,yaml]
----
Expand All
@@ -349,11 +349,11 @@ defaultAddCapabilities:
- SETPCAP
----
The applications you deploy must be associated with this SCC, for example, by specifying the `serviceAccountName` setting in the deployment yaml file. The following example specifies the `defaultAddCapabilities` SCC that was defined in the previous example:
The applications you deploy must be associated with an SCC that adds the required capabilities. For example, you might deploy an SCC called `liberty-instanton-scc` that adds the required capabilities. The following example specifies the `serviceAccountName` parameter to set the SCC name to `liberty-instanton-scc`:
