🖊️
Notes
  • Notes
  • aws
    • CloudWatch
    • EKS
    • IAM
    • Key Management Service (KMS)
    • security
      • Attacks against AWS infrastructure
    • vpc
      • AWS Transit Gateway
  • azure
    • Azure AD
    • Azure CDN
    • DNS in Azure
    • Hub-spoke network topology
    • Identity and access management
    • Azure Landing zones
    • Storage
  • certifications
    • aws-sa-pro
    • Certified Kubernetes Administrator
  • containers
    • Examples
    • Linux Container Primitives
  • databases
    • Relational databases
  • gcp
    • IAM
  • git
    • Git
  • golang
    • Building Go projects
    • Concurrency
    • Project structure
  • infosec
    • SSH
    • SSL
  • Kubernetes
    • Admission Controllers
    • Autoscaling
    • Debugging
    • Multi-tenancy
    • Network Policies
    • Pod Priority
    • Pod Security Policies
    • Secrets
    • StatefulSet
    • additional-services
      • Debugging ArgoCD RBAC
      • open-policy-agent
  • misc
    • FFmpeg
    • PDFs
  • programming
    • Learning resources
    • concepts
      • Serialization
  • rabbitmq
    • Clustering and HA
    • Shovel plugin
  • shells
    • Bash
  • terraform
    • Moving resources between remote states
  • vim
    • Fzf (plugin)
    • Registers
    • Spell Check
  • linux
    • arch
      • Arch Linux installation
Powered by GitBook
On this page
  1. Kubernetes

Admission Controllers

PreviousKubernetesNextAutoscaling

Last updated 4 years ago

  • Admission controllers checks whether request to apiserver should be allowed or not (after authentication and authorization)

  • Dynamic admission controllers

    • can call validating service with webhook

    • this is beneficial for example in managed Kubernetes environments where API server can't be modified

    • configured with ValidatingWebhookConfiguration

  • Mutating admission controller can modify workloads, for example inject init containers

  • Kubernetes can send out AdmissionReview object to admission controller, which wraps the object which will be validated

  • Admission controller need then respond with the validation results to the apiserver

Resources

  • TGI Kubernetes 119: Gatekeeper and OPA -

https://www.youtube.com/watch?v=ZJgaGJm9NJE&