Hi Team,
I’m looking for the recommended way how to enable seccomp feature during Istio installation based on the istioctl operator / istioctl installation methods. The default configuration settings applied by Istio do not enable this feature.
Please advise how to enable seccomp profile for the operator deployment.
Many thanks
Ewa
Hi,
I would be also interested in some official seccomp profiles with the recommended permissions for the different non-privileged containers (discovery/istio-proxy/istio-validation).
Does Istio collect and provide that information anywhere? Or is there a good way to obtain it using a profiler like SPO? For instance, how could I exercise every relevant code path (while running under an audit profile)?
Thanks!