In the event Policy Controller is causing issues in your cluster and the
webhook needs to be disabled, the fastest way to do this is to run kubectl edit
:
kubectl edit validatingwebhookconfigurations.admissionregistration.k8s.io gatekeeper-validating-webhook-configuration
Delete the webhooks
field and everything underneath it.
To re-enable Policy Controller, run
kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io gatekeeper-validating-webhook-configuration
This will cause the operator to regenerate the webhook configuration, which will reconfigure the API server to use Policy Controller as an admission webhook.
What's next?
- Learn more about Policy Controller
- Install Policy Controller
- Use the constraint template library
- Learn how to use constraints instead of PodSecurityPolicies