Question

Is it possible to turn on an admission controller in DOKS?

Posted June 19, 2019 772 views
Kubernetes

I am in the need of turning on the PodSecurityPolicy admission controller to add an extra layer of security.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi there,

Based off the kubernetes documentation at the bottome of this reply, users would need to modify the runtime parameters of the master API. This currently is not accessible to our users as the master and api settings are managed by DO. We currently use the following admission controllers by default:


--enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota

We are always looking at ways to improve the product, and the current admission controllers in use may change as the product matures and new features become available and more stable. SO just because it is not enabled now it doesn’t mean it never will be.

Regards,

John Kwiatkoski
Senior Developer Support Engineer

https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/

Submit an Answer