From 8a86d4850fd5efcb8bb498e89fb7993fda335901 Mon Sep 17 00:00:00 2001 From: Cici Huang Date: Sat, 19 Nov 2022 18:09:15 +0000 Subject: [PATCH] Add fg, add admission plugin --- .../docs/reference/access-authn-authz/admission-controllers.md | 2 +- .../reference/command-line-tools-reference/feature-gates.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/content/en/docs/reference/access-authn-authz/admission-controllers.md b/content/en/docs/reference/access-authn-authz/admission-controllers.md index 099409f2e5a56..bda95bb53d321 100644 --- a/content/en/docs/reference/access-authn-authz/admission-controllers.md +++ b/content/en/docs/reference/access-authn-authz/admission-controllers.md @@ -102,7 +102,7 @@ kube-apiserver -h | grep enable-admission-plugins In Kubernetes {{< skew currentVersion >}}, the default ones are: ```shell -CertificateApproval, CertificateSigning, CertificateSubjectRestriction, DefaultIngressClass, DefaultStorageClass, DefaultTolerationSeconds, LimitRanger, MutatingAdmissionWebhook, NamespaceLifecycle, PersistentVolumeClaimResize, PodSecurity, Priority, ResourceQuota, RuntimeClass, ServiceAccount, StorageObjectInUseProtection, TaintNodesByCondition, ValidatingAdmissionWebhook +CertificateApproval, CertificateSigning, CertificateSubjectRestriction, DefaultIngressClass, DefaultStorageClass, DefaultTolerationSeconds, LimitRanger, MutatingAdmissionWebhook, NamespaceLifecycle, PersistentVolumeClaimResize, PodSecurity, Priority, ResourceQuota, RuntimeClass, ServiceAccount, StorageObjectInUseProtection, TaintNodesByCondition, ValidatingAdmissionPolicy, ValidatingAdmissionWebhook ``` ## What does each admission controller do? diff --git a/content/en/docs/reference/command-line-tools-reference/feature-gates.md b/content/en/docs/reference/command-line-tools-reference/feature-gates.md index 598d46d83ab96..29e33c2856dbc 100644 --- a/content/en/docs/reference/command-line-tools-reference/feature-gates.md +++ b/content/en/docs/reference/command-line-tools-reference/feature-gates.md @@ -186,6 +186,7 @@ For a reference to old feature gates that are removed, please refer to | `TopologyManager` | `false` | Alpha | 1.16 | 1.17 | | `TopologyManager` | `true` | Beta | 1.18 | | | `UserNamespacesStatelessPodsSupport` | `false` | Alpha | 1.25 | | +| `ValidatingAdmissionPolicy` | `false` | Alpha | 1.26 | | | `VolumeCapacityPriority` | `false` | Alpha | 1.21 | - | | `WinDSR` | `false` | Alpha | 1.14 | | | `WinOverlay` | `false` | Alpha | 1.14 | 1.19 | @@ -729,6 +730,7 @@ Each feature gate is designed for enabling/disabling a specific feature: assignments for different components in Kubernetes. See [Control Topology Management Policies on a node](/docs/tasks/administer-cluster/topology-manager/). - `UserNamespacesStatelessPodsSupport`: Enable user namespace support for stateless Pods. +- `ValidatingAdmissionPolicy`: Enable support for CEL validations be used in Admission Control. - `VolumeCapacityPriority`: Enable support for prioritizing nodes in different topologies based on available PV capacity. - `WatchBookmark`: Enable support for watch bookmark events.