Skip to content

luojun96/k8s-admission-webhook-opt

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

A Simple Admission Controller Webhook

Introduction

This admission controller webhook is used to configure the security context for pods that are created in non Kubernetes-owned namespaces (kube-system and kube-public). The detail logic of the webhook is that for every pod that is created (outside of Kubernetes namespaces), it first checks if runAsNonRoot is set. If it is not, it is set to a default value of false. Furthermore, if runAsUser is not set (and runAsNonRoot was not initially set), it defaults runAsUser to a value of 1234.

Getting Started

Build

make 

Deploy

./resources/scripts/deploy.sh

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Packages

No packages published