openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

WMCO remove Hyper-V statements as it is not supported

Browse Source
This commit is contained in:
Michael Burke
2025-04-08 13:06:22 -04:00
committed by openshift-cherrypick-robot
parent e4a3a15106
commit 3bd458c31c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows_containers/understanding-windows-container-workloads.adoc
View File

@@ -14,7 +14,7 @@ Multi-tenancy for clusters that have Windows nodes is not supported. Clusters ar
Hostile multi-tenant clusters introduce security concerns in all Kubernetes environments. Additional security features like link:https://kubernetes.io/docs/concepts/policy/pod-security-policy/[pod security policies], or more fine-grained role-based access control (RBAC) for nodes, make exploiting your environment more difficult. However, if you choose to run hostile multi-tenant workloads, a hypervisor is the only security option you should use. The security domain for Kubernetes encompasses the entire cluster, not an individual node. For these types of hostile multi-tenant workloads, you should use physically isolated clusters.
Windows Server Containers provide resource isolation using a shared kernel but are not intended to be used in hostile multitenancy scenarios. Scenarios that involve hostile multitenancy should use Hyper-V Isolated Containers to strongly isolate tenants.
Windows Server Containers provide resource isolation using a shared kernel but are not intended to be used in hostile multitenancy scenarios.
====
[role="_additional-resources"]