mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 21:46:22 +01:00
BZ1867690: adding default admission plug-ins
This commit is contained in:
Kathryn Alexander
committed by
openshift-cherrypick-robot
openshift-cherrypick-robot
parent
49e818c109
commit
49f7ea6a67
@@ -6,4 +6,73 @@
|
||||
= Default admission plug-ins
|
||||
|
||||
//Future xref - A set of default admission plug-ins is enabled in {product-title} {product-version}. These default plug-ins contribute to fundamental control plane functionality, such as ingress policy, xref:../nodes/clusters/nodes-cluster-overcommit.adoc#nodes-cluster-resource-override_nodes-cluster-overcommit[cluster resource limit override] and quota policy.
|
||||
A set of default admission plug-ins is enabled in {product-title} {product-version}. These default plug-ins contribute to fundamental control plane functionality, such as ingress policy, cluster resource limit override and quota policy.
|
||||
Default validating and admission plug-ins are enabled in {product-title} {product-version}. These default plug-ins contribute to fundamental control plane functionality, such as ingress policy, cluster resource limit override and quota policy. The following lists contain the default admission plug-ins:
|
||||
|
||||
.Validating admission plug-ins
|
||||
[%collapsible]
|
||||
====
|
||||
* `LimitRanger`
|
||||
* `ServiceAccount`
|
||||
* `PodNodeSelector`
|
||||
* `Priority`
|
||||
* `PodTolerationRestriction`
|
||||
* `OwnerReferencesPermissionEnforcement`
|
||||
* `PersistentVolumeClaimResize`
|
||||
* `RuntimeClass`
|
||||
* `CertificateApproval`
|
||||
* `CertificateSigning`
|
||||
* `CertificateSubjectRestriction`
|
||||
* `autoscaling.openshift.io/ManagementCPUsOverride`
|
||||
* `authorization.openshift.io/RestrictSubjectBindings`
|
||||
* `scheduling.openshift.io/OriginPodNodeEnvironment`
|
||||
* `network.openshift.io/ExternalIPRanger`
|
||||
* `network.openshift.io/RestrictedEndpointsAdmission`
|
||||
* `image.openshift.io/ImagePolicy`
|
||||
* `security.openshift.io/SecurityContextConstraint`
|
||||
* `security.openshift.io/SCCExecRestrictions`
|
||||
* `route.openshift.io/IngressAdmission`
|
||||
* `config.openshift.io/ValidateAPIServer`
|
||||
* `config.openshift.io/ValidateAuthentication`
|
||||
* `config.openshift.io/ValidateFeatureGate`
|
||||
* `config.openshift.io/ValidateConsole`
|
||||
* `operator.openshift.io/ValidateDNS`
|
||||
* `config.openshift.io/ValidateImage`
|
||||
* `config.openshift.io/ValidateOAuth`
|
||||
* `config.openshift.io/ValidateProject`
|
||||
* `config.openshift.io/DenyDeleteClusterConfiguration`
|
||||
* `config.openshift.io/ValidateScheduler`
|
||||
* `quota.openshift.io/ValidateClusterResourceQuota`
|
||||
* `security.openshift.io/ValidateSecurityContextConstraints`
|
||||
* `authorization.openshift.io/ValidateRoleBindingRestriction`
|
||||
* `config.openshift.io/ValidateNetwork`
|
||||
* `operator.openshift.io/ValidateKubeControllerManager`
|
||||
* `ValidatingAdmissionWebhook`
|
||||
* `ResourceQuota`
|
||||
* `quota.openshift.io/ClusterResourceQuota`
|
||||
====
|
||||
|
||||
|
||||
.Mutating admission plug-ins
|
||||
[%collapsible]
|
||||
====
|
||||
* `NamespaceLifecycle`
|
||||
* `LimitRanger`
|
||||
* `ServiceAccount`
|
||||
* `NodeRestriction`
|
||||
* `TaintNodesByCondition`
|
||||
* `PodNodeSelector`
|
||||
* `Priority`
|
||||
* `DefaultTolerationSeconds`
|
||||
* `PodTolerationRestriction`
|
||||
* `PersistentVolumeLabel`
|
||||
* `DefaultStorageClass`
|
||||
* `StorageObjectInUseProtection`
|
||||
* `RuntimeClass`
|
||||
* `DefaultIngressClass`
|
||||
* `autoscaling.openshift.io/ManagementCPUsOverride`
|
||||
* `scheduling.openshift.io/OriginPodNodeEnvironment`
|
||||
* `image.openshift.io/ImagePolicy`
|
||||
* `security.openshift.io/SecurityContextConstraint`
|
||||
* `security.openshift.io/DefaultSecurityContextConstraints`
|
||||
* `MutatingAdmissionWebhook`
|
||||
====
|
||||
|
||||
Reference in New Issue
Block a user