From f28e78b0803a3340f26538c11441cba113dbff9d Mon Sep 17 00:00:00 2001 From: Jim Galasyn Date: Tue, 20 Feb 2018 14:59:30 -0800 Subject: [PATCH] Add Kubernetes differences/value adds (#507) * Add Kubernetes differences/value adds * Add feedback --- ee/index.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/ee/index.md b/ee/index.md index 97ab9c322d..7dc56c7399 100644 --- a/ee/index.md +++ b/ee/index.md @@ -73,7 +73,21 @@ Kubernetes features on Docker EE include: - Interoperability between Swarm and Kubernetes workloads for networking and storage -The default Docker EE installation includes both Kubernetes and Swarm +In addition, UCP integrates with Kubernetes by using admission controllers, +which enable: + +- Authenticating user client bundle certificates when communicating directly + with the Kubernetes API server +- Authorizing requests via the UCP role-based access control model +- Assigning nodes to a namespace by injecting a `NodeSelector` automatically + to workloads via admission control +- Keeping all nodes in both Kubernetes and Swarm orchestrator inventories +- Fine-grained access control and privilege escalation prevention without + the `PodSecurityPolicy` admission controller +- Resolving images of deployed workloads automatically, and accepting or + rejecting images based on UCP's signing-policy feature + +The default Docker EE installation includes both Kubernetes and Swarm components across the cluster, so every newly joined worker node is ready to schedule Kubernetes or Swarm workloads.
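Review bot: The lead-in of the added list, "UCP integrates with Kubernetes by using admission controllers, which enable:", attributes the first two bullets (authenticating client bundle certificates and authorizing requests via the UCP role-based access control model) to admission control. In the Kubernetes API server, authentication and authorization are separate stages that run before admission control, so readers who know the request pipeline will find this misleading. Suggest either rewording the lead-in to cover API server integration in general, or splitting the list so that only the `NodeSelector` injection, the privilege escalation bullet, and the image signing-policy bullet sit under admission control. Three smaller points in the same list: `NodeSelector` is in code font but the Pod spec field is spelled `nodeSelector`, so the casing should match whichever object is meant. "Keeping all nodes in both Kubernetes and Swarm orchestrator inventories" does not say how admission control is involved and is not parallel with the other bullets. The bullet "Fine-grained access control and privilege escalation prevention without the `PodSecurityPolicy` admission controller" says what is not used but not what enforces the restriction instead; a short pointer to the mechanism, or a link to the page that documents it, would let an operator verify what is actually being blocked.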