Validating Admission Webhooks

Explore how validating admission webhooks function within Kubernetes to enforce policies by intercepting API requests. Learn to configure webhooks for controlling creation and modification of resources, ensuring cluster security and consistent workloads through dynamic admission control.

We'll cover the following...

Validating admission webhooks
- Configuration
How it works

Validating admission webhooks

Kubernetes provides advanced dynamic mechanisms to gate and govern changes on the configurations and workloads. With admission controllers, we can have granular control over things such as vulnerable container images, containers injections, labels checking, etc. Kubernetes provides not only built-in admission plugins, but also supports external webhooks, such as ImagePolicyWebhook, Validating AdmissionWebhook, and MutatingAdmissionWebhook.

With these pluggable webhooks, we can easily hook our own business logic into the admission control phase in the kube-apiserver. In this lesson, we’re going to dive into the validating admission webhooks.

1.Before Getting Started

2.Kubernetes Architecture

3.Customizing AuthX

4.Dynamic Admission Control

5.Customizing Schedulers

6.Extending APIs with CustomResourceDefinition (CRD)

7.Extending APIs with Aggregated APIServer

8.Container Network Interface

9.Container Runtime Interface

10.Extend kubectl

11.How to Write Good Kubernetes Operators

Assessment

12.Wrap Up

Validating Admission Webhooks

Validating admission webhooks

Configuration