Added --set flag to disable PSP

[portega-inbrain]

This flags disables the use of the Pod Security Policy in the installation of the aws-node-termination-handler giving a v1beta1 version error.
This is just a hack put in place to remember the issue #52. See issue's description for more detailed information.

[asmacdo]

When running this we hit the same issue with the PodSecurityPolicy. Adding this worked, thanks!

Seems like we should merge, but also file an issue to keep track?

[satra]

@asmacdo - did you see the last comment on the original issue. it seemed while this continues it doesn't launch pods. are you able to launch pods?

[asmacdo]

I wasn't able to login, we stopped at "hub is deployed" due to Misconfigured Oauthapp/route/ingress/cert/subdomain or something.

This is all thats up right now:

[ec2-user@ip-172-31-32-161 ~]$ kubectl get pods -n fakedandihub
NAME                              READY   STATUS    RESTARTS   AGE
hub-85dc6c6fdb-ms7gl              1/1     Running   0          3h27m
proxy-85976f9cc7-5pjwv            1/1     Running   0          3h27m
user-scheduler-78559769fb-j44zh   1/1     Running   0          3h27m
user-scheduler-78559769fb-qcvx5   1/1     Running   0          3h27m

[asmacdo]

But as of 8 minutes ago, we might be ok?? aws/aws-node-termination-handler#758

@portega-inbrain If aws-node-termination-handler 1.19.0 works we can probably close this PR.

[portega-inbrain]

Hi @asmacdo. I would say so! For what I gather the effect of setting the flag as in my original post is the same as what they are now including as part of the aws-node-termination-handler in your link i.e. disabling PSP altogether. What I'm unsure about are the implications this has on security (if at all).
I'll close the PR with the link to the official link aws/aws-node-termination-handler#758.