Securing k3s deployment

templates/kubeadm-config.yaml.j2

@@ -55,7 +55,7 @@ controlPlaneEndpoint: "{{ lookup('vars', 'ansible_' + kubernetes_interface ).ipv
 {% endif %}
 apiServer:
   extraArgs:
-    enable-admission-plugins: NodeRestriction
+    enable-admission-plugins: NodeRestriction,AlwaysPullImages,EventRateLimit
     authorization-mode: "Node,RBAC"
     audit-policy-file: "/etc/kubernetes/policies/audit-policy.yaml"
     audit-log-path: "/var/log/apiserver/audit.log"