NourDT
diff --git a/‎config/_default/menus/menus.en.yaml‎
Lines changed: 5 additions & 0 deletions b/‎config/_default/menus/menus.en.yaml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎content/en/containers/cluster_agent/admission_controller.md‎
Lines changed: 5 additions & 16 deletions b/‎content/en/containers/cluster_agent/admission_controller.md‎
Lines changed: 5 additions & 16 deletions
@@ -666,6 +666,11 @@ main:
  parent: containers_troubleshooting
  identifier: containers_troubleshooting_hpa
  weight: 804
+ - name: Admission Controller
+ url: containers/troubleshooting/admission-controller
+ parent: containers_troubleshooting
+ identifier: containers_troubleshooting_admission_controller
+ weight: 805
  - name: Guides
  url: containers/guide
  parent: containers
 
@@ -7,6 +7,9 @@ further_reading:
 - link: "/agent/cluster_agent/troubleshooting/"
  tag: "Documentation"
  text: "Troubleshooting the Datadog Cluster Agent"
+- link: "/containers/troubleshooting/admission-controller"
+ tag: "Documentation"
+ text: "Troubleshooting the Admission Controller"
 - link: "https://www.datadoghq.com/blog/auto-instrument-kubernetes-tracing-with-datadog/"
  tag: "Blog"
  text: "Use library injection to auto-instrument tracing for Kubernetes applications with Datadog APM"
@@ -185,22 +188,7 @@ Possible options:
 
 ## Troubleshooting
 
-- The Admission Controller needs to be deployed and configured before the creation of new application Pods. It cannot update Pods that already exist.
-
- View the Cluster Agent logs to ensure the Admission Controller has started successfully. Observe the following `INFO` logs:
-
-```
- <date/time> | CLUSTER | INFO | (pkg/clusteragent/admission/api_discovery.go:122 in useAdmissionV1) | Group version 'admissionregistration.k8s.io/v1' is available, using it
- <date/time> | CLUSTER | INFO | (pkg/clusteragent/admission/controllers/secret/controller.go:74 in Run) | Starting secrets controller for <namespace>/webhook-certificate
- <date/time> | CLUSTER | INFO | (pkg/clusteragent/admission/controllers/webhook/controller_v1.go:76 in Run) | Starting webhook
-```
-
-- To disable the Admission Controller injection feature, use the Cluster Agent configuration: `DD_ADMISSION_CONTROLLER_INJECT_CONFIG_ENABLED=false`
-- By using the Datadog Admission Controller, users can skip configuring the application Pods using downward API ([step 2 in Kubernetes Trace Collection setup][3]).
-- Private clusters need specific networking rules because Datadog's Admission Controller webhook receives requests on port `443` and directs to a service on port `8000`:
- - In a GKE private cluster, you need to [add a firewall rule for the control plane][4]. By default, the network for the cluster should have a firewall rule named `gke-<CLUSTER_NAME>-master`. This rule's source filters match the cluster's control plane address range. Edit this firewall rule to allow ingress to the TCP port `8000`.
- - In an EKS private cluster, you need to [add an inbound rule for the node security group][5], where the Datadog Cluster Agent is located. Edit this rule to allow TCP port `8000` with the `Source` referencing the cluster security group (automatically created by AWS corresponding to the EKS control plane).
-
+See [Admission Controller Troubleshooting][6].
 
 ## Further Reading
 
@@ -211,3 +199,4 @@ Possible options:
 [3]: https://docs.datadoghq.com/agent/kubernetes/apm/?tab=helm#setup
 [4]: https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#add_firewall_rules
 [5]: https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#security-group-rule-components
+[6]: /containers/troubleshooting/admission-controller