Is it possible to turn on an admission controller in DOKS?

June 19, 2019 381 views
Kubernetes

I am in the need of turning on the PodSecurityPolicy admission controller to add an extra layer of security.

1 Answer

Hi there,

Based off the kubernetes documentation at the bottome of this reply, users would need to modify the runtime parameters of the master API. This currently is not accessible to our users as the master and api settings are managed by DO. We currently use the following admission controllers by default:


--enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota

We are always looking at ways to improve the product, and the current admission controllers in use may change as the product matures and new features become available and more stable. SO just because it is not enabled now it doesn’t mean it never will be.

Regards,

John Kwiatkoski
Senior Developer Support Engineer

https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/

Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!