Kubernetes Limitations in Orka

Your Orka environment is a Kubernetes cluster that you can manage with kubectl. The cluster is helm-enabled and has RBAC configured. Your control over the cluster is limited via pod security policies, cluster roles, and role bindings.

Allowed namespaces

You can access and interact with the sandbox namespace only.

You cannot access and interact with the kube-system, kube-public, and default namespaces.

Volumes

You can work with the following volume types:

configMap
persistentVolumeClaim
emptyDir
secret
projected
nfs

You cannot work with any volume types not listed above. If you need to work with another volume type that's not allowed by default, contact the MacStadium team.

📘

Need persistent volumes?

The default RBAC does not let you work with persistent volumes directly. You need to work closely with the MacStadium team to enable persistent volumes for your cluster. See Persistent Volumes.

Resources

Read/Write

configmaps
endpoints
persistentvolumeclaims
pods (including attach, exec, port-forward, and proxy; excluding privileged pods)
replicationcontrollers (including scaling)
secrets
services (including proxies)
daemonsets
deployments (including rollback and scaling)
replicasets (including scaling)
statefulsets (including scaling)
horizontalpodautoscalers
cronjobs
jobs
ingresses
networkpolicies

Read-only

controllerrevisions
events
limitranges
current namespace status
pod logs
pod status
replicationcontroller status
resourcequotas (including status)

What's next

Start using kubectl and helm.