Henry Xie 's blog: OKE Admission Control Webhook Sample

Tuesday, November 08, 2022

OKE Admission Control Webhook Sample

Requirement:

We need to implement a policy requested by the security team that Kubernetes service should have an annotation : service.beta.kubernetes.io/oci-load-balancer-security-list-management-mode: None Thus no security list will be updated by Kubernetes. This is an example that how we build our own admission controller which implements various policies from security or other teams. ie we can add only internal load balancer is allowed for internal service.....etc

Solution:

Please refer github repo
git clone https://github.com/HenryXie1/oke-admission-webhook
go build -o oke-admission-webhook
docker build --no-cache -t repo-url/oke-admission-webhook:v1 .
rm -rf oke-admission-webhook
docker push repo-url/oke-admission-webhook:v1
./deployment/webhook-create-signed-cert.sh --service oke-admission-webhook-svc --namespace kube-system --secret oke-admission-webhook-secret
kubectl replace --force -f deployment/validatingwebhook.yaml
kubectl replace --force -f deployment/deployment.yaml
kubectl replace --force -f deployment/service.yaml

Demo:

7 comments:

tejaswini said...: On the off chance that your searching for Online Illinois tag sticker restorations, at that point you have to need to go to the privileged place.
https://360digitmg.com/course/certification-program-in-data-science; 9:49 PM
360DigiTMG said...: informative blog
hrdf training course; 8:21 PM
Bhavana said...: I need to communicate my deference of your composing aptitude and capacity to make perusers read from the earliest starting point as far as possible. I might want to peruse more up to date presents and on share my musings with you.
360DigiTMG; 10:13 PM
360DigiTMGMY said...: Brilliant work done by you indeed here. This is only the motivation behind why I've generally enjoyed your work. You have stunning composing aptitudes and you show them in each article. Prop it up!
"
hrdf claimable courses"; 2:20 AM
360digitmg said...: I curious more interest in some of them hope you will give more information on this topics in your next articles.
data science course in hyderabad; 9:36 PM
360digiTMG Training said...: I am impressed by the information that you have on this blog. It shows how well you understand this subject.

business analytics course; 11:55 PM
360DigiTMG-Pune said...: Informative article. Thanks for sharing with us.keep it up.
best data science online course; 8:41 PM