Resource validation
Prevent invalid gateway configuration from being applied to your Kubernetes cluster by using the K8sGateway validating admission webhook.
About the validating admission webhook
The validating admission webhook configuration is enabled by default when you install K8sGateway. By default, the webhook only logs the validation result without rejecting invalid K8sGateway resource configuration. If the configuration you provide is written in valid YAML format, it is accepted by the Kubernetes API server and written to etcd. However, the configuration might contain invalid settings or inconsistencies that K8sGateway cannot interpret or process. This mode is also referred to as permissive validation.
You can enable strict validation by setting the alwaysAcceptResources
Helm option to false. Note that only resources that result in a rejected
status are rejected on admission. Resources that result in a warning
status are still admitted. To also reject resources with a warning
status, set alwaysAcceptResources=false
and allowWarnings=false
in your Helm file.
For more information, see Enable resource validation.
Validated resources
The following K8sGateway custom resources can be validated:
To see an example for how to trigger the resource validation API, see Test resources.