Update list of admission controllers

Question

Update list of admission controllers

cryslith opened this issue 5 years ago · 0 comments

Currently we set

--admission-control "NamespaceLifecycle,LimitRanger,ServiceAccount,TaintNodesByCondition,Priority,DefaultTolerationSeconds,DefaultStorageClass,StorageObjectInUseProtection,PersistentVolumeClaimResize,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,RuntimeClass,ResourceQuota,DenyEscalatingExec,SecurityContextDeny,NodeRestriction"

The --admission-control flag is deprecated (replaced with --enable-admission-plugins), and several of the admission controllers we use are no longer in the default set. We should determine which of these we want to enable.