10.2. 기본 승인 플러그인
OpenShift Container Platform 4.13에서는 기본 검증 및 승인 플러그인이 활성화됩니다. 이러한 기본 플러그인은 수신 정책, 클러스터 리소스 제한 덮어쓰기 및 할당량 정책과 같은 기본 컨트롤 플레인 기능에 기여합니다.
다음 목록에는 기본 승인 플러그인이 포함되어 있습니다.
예 10.1. 검증 승인 플러그인
-
LimitRanger
-
ServiceAccount
-
PodNodeSelector
-
Priority
-
PodTolerationRestriction
-
OwnerReferencesPermissionEnforcement
-
PersistentVolumeClaimResize
-
RuntimeClass
-
CertificateApproval
-
CertificateSigning
-
CertificateSubjectRestriction
-
autoscaling.openshift.io/ManagementCPUsOverride
-
authorization.openshift.io/RestrictSubjectBindings
-
scheduling.openshift.io/OriginPodNodeEnvironment
-
network.openshift.io/ExternalIPRanger
-
network.openshift.io/RestrictedEndpointsAdmission
-
image.openshift.io/ImagePolicy
-
security.openshift.io/SecurityContextConstraint
-
security.openshift.io/SCCExecRestrictions
-
route.openshift.io/IngressAdmission
-
config.openshift.io/ValidateAPIServer
-
config.openshift.io/ValidateAuthentication
-
config.openshift.io/ValidateFeatureGate
-
config.openshift.io/ValidateConsole
-
operator.openshift.io/ValidateDNS
-
config.openshift.io/ValidateImage
-
config.openshift.io/ValidateOAuth
-
config.openshift.io/ValidateProject
-
config.openshift.io/DenyDeleteClusterConfiguration
-
config.openshift.io/ValidateScheduler
-
quota.openshift.io/ValidateClusterResourceQuota
-
security.openshift.io/ValidateSecurityContextConstraints
-
authorization.openshift.io/ValidateRoleBindingRestriction
-
config.openshift.io/ValidateNetwork
-
operator.openshift.io/ValidateKubeControllerManager
-
ValidatingAdmissionWebhook
-
resourceQuota
-
quota.openshift.io/ClusterResourceQuota
예 10.2. 변경 승인 플러그인
-
NamespaceLifecycle
-
LimitRanger
-
ServiceAccount
-
NodeRestriction
-
TaintNodesByCondition
-
PodNodeSelector
-
Priority
-
DefaultTolerationSeconds
-
PodTolerationRestriction
-
DefaultStorageClass
-
StorageObjectInUseProtection
-
RuntimeClass
-
DefaultIngressClass
-
autoscaling.openshift.io/ManagementCPUsOverride
-
scheduling.openshift.io/OriginPodNodeEnvironment
-
image.openshift.io/ImagePolicy
-
security.openshift.io/SecurityContextConstraint
-
security.openshift.io/DefaultSecurityContextConstraints
-
MutatingAdmissionWebhook