set default enabled admission plugins by official document

hack/make-rules/test-cmd.sh

@@ -35,6 +35,7 @@ function run_kube_apiserver() {
 
   # Admission Controllers to invoke prior to persisting objects in cluster
   ENABLE_ADMISSION_PLUGINS="Initializers,LimitRanger,ResourceQuota"
+  DISABLE_ADMISSION_PLUGINS="ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook"
 
   # Include RBAC (to exercise bootstrapping), and AlwaysAllow to allow all actions
   AUTHORIZATION_MODE="RBAC,AlwaysAllow"
@@ -46,6 +47,7 @@ function run_kube_apiserver() {
     --authorization-mode="${AUTHORIZATION_MODE}" \
     --secure-port="${SECURE_API_PORT}" \
     --enable-admission-plugins="${ENABLE_ADMISSION_PLUGINS}" \
+    --disable-admission-plugins="${DISABLE_ADMISSION_PLUGINS}" \
     --etcd-servers="http://${ETCD_HOST}:${ETCD_PORT}" \
     --runtime-config=api/v1 \
     --storage-media-type="${KUBE_TEST_API_STORAGE_TYPE-}" \

hack/test-update-storage-objects.sh

@@ -46,6 +46,7 @@ RUNTIME_CONFIG=""
 ETCDCTL=$(which etcdctl)
 KUBECTL="${KUBE_OUTPUT_HOSTBIN}/kubectl"
 UPDATE_ETCD_OBJECTS_SCRIPT="${KUBE_ROOT}/cluster/update-storage-objects.sh"
+DISABLE_ADMISSION_PLUGINS="ServiceAccount,NamespaceLifecycle,LimitRanger,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota,PersistentVolumeLabel,DefaultStorageClass"
 
 function startApiServer() {
   local storage_versions=${1:-""}
@@ -64,6 +65,7 @@ function startApiServer() {
     --etcd-servers="http://${ETCD_HOST}:${ETCD_PORT}" \
     --etcd-prefix="/${ETCD_PREFIX}" \
     --runtime-config="${RUNTIME_CONFIG}" \
+    --disable-admission-plugins="${DISABLE_ADMISSION_PLUGINS}" \
     --cert-dir="${TMPDIR:-/tmp/}" \
     --service-cluster-ip-range="10.0.0.0/24" \
     --storage-versions="${storage_versions}" \