Set namespace-based isolation levels for pods

Kubernetes version 1.25+

You can set namespace-based isolation levels for pods using Pod Security Standards.

If the defaults property in the built-in admission controller is set to baseline or restricted, you need to mark the dynatrace namespace as privileged, as only the Privileged policy is supported by Dynatrace Operator (the CSI driver and OneAgent pods require more permissions than the Baseline or Restricted policies allow).

To do that, run the command below.

1kubectl label namespace dynatrace pod-security.kubernetes.io/enforce=privileged pod-security.kubernetes.io/audit=privileged pod-security.kubernetes.io/warn=privileged

Platform

Overview
Pricing
Supported technologies
Application Observability
Infrastructure Observability
Automations
Application Security
Digital Experience
AIOps
Full stack
Davis, AI-engine
Open ecosystem
AppEngine
AutomationEngine

Solutions

Overview
Cloud operations
Microservices
Container monitoring
DevOps monitoring
Observability
Cloud monitoring
Application monitoring
Site Reliability Engineering
Log Management and Analytics

Resources

Overview
Blog
Demos
Webinars
Customer stories
Podcasts
Free trial
Request demo
Glossary
2023 Gartner APM Magic Quadrant
Is It Observable
2022 Global CIO report
Cloud done right
Knowledge Base

Services & Support

Overview
Success and Support
Software Intelligence Hub
ACE Services
University
Support Center
Product news
Documentation
Community

About

Overview
Leadership
Investor Relations
News
Media kit
Events
Careers
Partners
Locations
ESG
Contact us
Privacy Notice
Legal disclosure

Trust Center
Dynatrace status
Terms of use
Policies
Sitemap