diff --git a/pkg/localkube/apiserver.go b/pkg/localkube/apiserver.go index 160d7a0604d8..1946e1166682 100644 --- a/pkg/localkube/apiserver.go +++ b/pkg/localkube/apiserver.go @@ -21,6 +21,8 @@ import ( "path" "strconv" + "k8s.io/minikube/pkg/util" + "github.com/coreos/etcd/embed" apiserveroptions "k8s.io/apiserver/pkg/server/options" @@ -48,14 +50,7 @@ func StartAPIServer(lk LocalkubeServer) func() error { config.SecureServing.ServerCert.CertKey.CertFile = lk.GetPublicKeyCertPath() config.SecureServing.ServerCert.CertKey.KeyFile = lk.GetPrivateKeyCertPath() - config.Admission.PluginNames = []string{ - "NamespaceLifecycle", - "LimitRanger", - "ServiceAccount", - "DefaultStorageClass", - "ResourceQuota", - "MutatingAdmissionWebhook", - } + config.Admission.PluginNames = util.DefaultAdmissionControllers // use localkube etcd config.Etcd.StorageConfig.ServerList = []string{embed.DefaultListenClientURLs} diff --git a/pkg/minikube/bootstrapper/kubeadm/versions.go b/pkg/minikube/bootstrapper/kubeadm/versions.go index 55b740d82e0e..c54700724085 100644 --- a/pkg/minikube/bootstrapper/kubeadm/versions.go +++ b/pkg/minikube/bootstrapper/kubeadm/versions.go @@ -191,6 +191,14 @@ var versionSpecificOpts = []VersionedExtraOption{ // Cgroup args NewUnversionedOption(Kubelet, "cadvisor-port", "0"), NewUnversionedOption(Kubelet, "cgroup-driver", "cgroupfs"), + { + Option: util.ExtraOption{ + Component: Apiserver, + Key: "admission-control", + Value: strings.Join(util.DefaultAdmissionControllers, ","), + }, + GreaterThanOrEqual: semver.MustParse("1.9.0-alpha.0"), + }, } func VersionIsBetween(version, gte, lte semver.Version) bool { diff --git a/pkg/util/constants.go b/pkg/util/constants.go index 16f26d37de39..d0d0336f91a7 100644 --- a/pkg/util/constants.go +++ b/pkg/util/constants.go @@ -32,6 +32,18 @@ const ( DefaultServiceCIDR = "10.96.0.0/12" ) +var DefaultAdmissionControllers = []string{ + "Initializers", + "NamespaceLifecycle", + "LimitRanger", + "ServiceAccount", + "DefaultStorageClass", + "DefaultTolerationSeconds", + "NodeRestriction", + "ResourceQuota", + "MutatingAdmissionWebhook", +} + // GetServiceClusterIP returns the first IP of the ServiceCIDR func GetServiceClusterIP(serviceCIDR string) (net.IP, error) { ip, _, err := net.ParseCIDR(serviceCIDR)