Kubernetes Admission Controller Concepts: Difference between revisions
Jump to navigation
Jump to search
| Line 14: | Line 14: | ||
==PodSecurityPolicy== | ==PodSecurityPolicy== | ||
{{Internal|Kubernetes_Pod_Security_Policy_Concepts#PodSecurityPolicy_Admission_Controller|PodSecurityPolicy Admission Controller}} | {{Internal|Kubernetes_Pod_Security_Policy_Concepts#PodSecurityPolicy_Admission_Controller|PodSecurityPolicy Admission Controller}} | ||
=Admission Controller Operations= | |||
{{Internal|Admission Controller Operations|Admission Controller Operations}} | |||
Revision as of 01:55, 3 September 2020
External
Internal
Overview
An admission controller is a piece of code that intercepts requests to the Kubernetes API server prior to persistence of the metadata, but after the request is authenticated and authorized. There is a fixed set of admission controller that include AlwaysPullImages, PodSecurityPolicy, etc. The controllers are compiled into the kube-apiserver binary, and may only be configured by the cluster administrator.