We list here some details on the APIs we expose, the software versions we use, and the resources we reserve on each node.
If you have never used the OVH API, see the First Steps with the OVHcloud API guide.
Admission plugins (defaults are not listed here):
AlwaysPullImages: Force every new pod to pull the required images every time. In a multi-tenant cluster users can be assured that their private images can only be used by those who have the credentials to pull them.
NodeRestriction: Ensure that the kubelet is restricted to the Node and Pod objects that it could modify as defined. Such kubelets will only be allowed to modify their own NodeAPI object and PodAPI objects that are bound to their node.
- Node: Authorize API requests made by kubelets.
- RBAC: Role-based access control is a method of regulating access to computer or network resources based on the roles of individual users within an organization.
TTLAfterFinished: Allow a TTL controller to clean up resources after they finish execution.
protect-kernel-defaults: Protect tuned kernel parameters from overriding kubelet default kernel parameter values.