Disable the Datadog Admission Controller with the Cluster Agent

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Overview

The Datadog Cluster Agent manages the Datadog Admission Controller by creating, updating, and deleting Admission Controllers as needed. To disable the Admission Controller or remove the Cluster Agent, you must first disable the Admission Controller features in the Cluster Agent configuration and redeploy the Cluster Agent. Once the Admission Controllers are removed, the Cluster Agent can be safely removed if necessary.

Prerequisites

Datadog Cluster Agent v7.63+

Steps

    To disable the Admission Controllers with your Cluster Agent managed by the Datadog Operator:

    1. Set features.admissionController.enabled to true in your DatadogAgent configuration.
    2. Set features.admissionController.validation.enabled to false in your DatadogAgent configuration.
    3. Set features.admissionController.mutation.enabled to false in your DatadogAgent configuration.
      apiVersion: datadoghq.com/v2alpha1
  kind: DatadogAgent
  metadata:
    name: datadog
  spec:
    features:
      admissionController:
        enabled: true
        validation:
          enabled: false
        mutation:
          enabled: false

    Note: The the features.admissionController.enabled parameter is set to true to allow the Cluster Agent to manage the Kubernetes Admission Controllers.

    After redeploying the Cluster Agent with the updated configuration, the Admission Controllers are removed.

    To disable the Admission Controllers with your Cluster Agent managed by the Datadog Helm Chart:

    1. Set clusterAgent.admissionController.enabled to true.
    2. Set clusterAgent.admissionController.validation.enabled to false.
    3. Set clusterAgent.admissionController.mutation.enabled to false.
    clusterAgent:
  enabled: true
  admissionController:
    enabled: true
    validation:
      enabled: false
    mutation:
      enabled: false

    You can confirm the Admission Controllers are removed by checking ValidatingWebhookConfiguration and MutatingWebhookConfiguration resources in your cluster.

    kubectl get validatingwebhookconfigurations.admissionregistration.k8s.io

    kubectl get mutatingwebhookconfigurations.admissionregistration.k8s.io

    Further Reading

    추가 유용한 문서, 링크 및 기사:

    Introducing the Datadog Cluster AgentBLOG more more Datadog Admission ControllerDOCUMENTATION more more Troubleshooting the Datadog Cluster AgentDOCUMENTATION more more