Add admission controller for default storage class.

The admission controller adds a default class to PVCs that do not require any specific class. This way, users (=PVC authors) do not need to care about storage classes, administrator can configure a default one and all these PVCs that do not care about class will get the default one.
2025-09-25 20:29:56 +00:00 · 2016-08-18 18:55:35 +02:00
parent 214c916045
commit 82d35fb461
21 changed files with 423 additions and 19 deletions
--- a/cluster/centos/config-default.sh
+++ b/cluster/centos/config-default.sh
@@ -42,7 +42,7 @@ export FLANNEL_NET=${FLANNEL_NET:-"172.16.0.0/16"}

 # Admission Controllers to invoke prior to persisting objects in cluster
 # If we included ResourceQuota, we should keep it at the end of the list to prevent incremeting quota usage prematurely.
-export ADMISSION_CONTROL=NamespaceLifecycle,NamespaceExists,LimitRanger,ServiceAccount,SecurityContextDeny,ResourceQuota
+export ADMISSION_CONTROL=NamespaceLifecycle,NamespaceExists,LimitRanger,ServiceAccount,SecurityContextDeny,SimpleDefaultStorageClassForPVC,ResourceQuota

 # Extra options to set on the Docker command line.
 # This is useful for setting --insecure-registry for local registries.
--- a/cluster/centos/master/scripts/apiserver.sh
+++ b/cluster/centos/master/scripts/apiserver.sh
@@ -56,7 +56,7 @@ KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=${SERVICE_CLUSTER_IP_RANGE}"
 # Comma-delimited list of: 
 #   LimitRanger, AlwaysDeny, SecurityContextDeny, NamespaceExists, 
 #   NamespaceLifecycle, NamespaceAutoProvision,
-#   AlwaysAdmit, ServiceAccount, ResourceQuota
+#   AlwaysAdmit, ServiceAccount, ResourceQuota, SimpleDefaultStorageClassForPVC
 KUBE_ADMISSION_CONTROL="--admission-control=${ADMISSION_CONTROL}"

 # --client-ca-file="": If set, any request presenting a client certificate signed