When you install and set up your Kubernetes clusters, the system includes three ready-to-use scopes: Kubernetes System, CBContainers dataplane, and Default Namespace.
The built-in scopes are assigned to built-in hardening policies. The scopes are available as a starting point for your configuration, and you can either edit or delete them. For more information about built-in hardening policies, see Built-in Kubernetes Hardening Policies.
Pre-Packaged Scope | Scope Target | Scope Description |
---|---|---|
Kubernetes System | Target: Deploy phase Namespaces: kube-system |
Matches the namespace for objects created by the Kubernetes system. This system typically contains services for DNS, proxy, controller manager, and other system components. |
CBContainers dataplane | Target: Deploy phase Namespaces: cbcontainers-dataplane octarine-dataplane |
Matches the namespace where the Carbon Black Kubernetes agent runs and deploys its resources.
Note: Two namespaces are listed here.
Octarine-dataplane is the namespace name before version 3.0.0 of the agent.
Cbcontainers-dataplane is the current namespace name.
|
Default Namespace | Target: Deploy phase Namespaces: default |
Matches Kubernetes built-in default namespace that holds objects that have no specified no namespace. |
If the built-in scopes are not modified, the Last modified by parameter is Carbon Black. After you edit a scope, the Last modified by parameter changes.