Is it possible to turn on an admission controller in DOKS?

Question

I am in the need of turning on the PodSecurityPolicy admission controller to add an extra layer of security.

Answer 1

jkwiatkoski June 21, 2019

Hi there,

Based off the kubernetes documentation at the bottome of this reply, users would need to modify the runtime parameters of the master API. This currently is not accessible to our users as the master and api settings are managed by DO. We currently use the following admission controllers by default:


--enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota

We are always looking at ways to improve the product, and the current admission controllers in use may change as the product matures and new features become available and more stable. SO just because it is not enabled now it doesn’t mean it never will be.

Regards,

John Kwiatkoski
Senior Developer Support Engineer

https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/

Reply Report

cr7392b6b5a2e554b9227c92d1 June 22, 2019

Thank you for the transparency. It looks like the Validating Admission Webhook could do the trick.
Reply Report

Answer 2

cr7392b6b5a2e554b9227c92d1 June 22, 2019

Thank you for the transparency. It looks like the Validating Admission Webhook could do the trick.
Reply Report

Related

Question

Is it possible to turn on an admission controller in DOKS?

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

Is it possible to turn on an admission controller in DOKS?

Related

Leave a comment

Related

question

Will kubernetes have autoscaling by default?

question

Firewall blocks hostPort

question

Private docker registry

question

Get metrics from Kubernetes nodes

Looking for something else?