{
"imagePolicy": {
"kubeConfigFile": "/etc/kubernetes/kube-image-bouncer.yml",
"allowTTL": 50,
"denyTTL": 50,
"retryBackoff": 500,
"defaultAllow": true
}
}
命令
vim /etc/kubernetes/epconfig/kubeconfig.yaml
文件内容如下:
apiVersion: v1
kind: Config
# clusters refers to the remote service.
clusters:
- cluster:
certificate-authority: /etc/kubernetes/epconfig/external-cert.pem # CA for verifying the remote service.
server: server # URL of remote service to query. Must use 'https'.
name: image-checker
contexts:
- context:
cluster: image-checker
user: api-server
name: image-checker
current-context: image-checker
preferences: {}
# users refers to the API server's webhook configuration.
users:
- name: api-server
user:
client-certificate: /etc/kubernetes/epconfig/apiserver-