kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

enchance security with CIS Kubernetes V1.23 (#10304) 

Benchmark item number 4.1.9
pull/10308/head
satandyh 2023-07-24 05:24:11 +03:00 committed by GitHub
parent fe32de94b9
commit 050bd0527f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
roles/kubernetes/node/tasks/kubelet.yml
View File

@ -12,7 +12,7 @@
dest: "{{ kube_config_dir }}/kubelet.env" dest: "{{ kube_config_dir }}/kubelet.env"
setype: "{{ (preinstall_selinux_state != 'disabled') | ternary('etc_t', omit) }}" setype: "{{ (preinstall_selinux_state != 'disabled') | ternary('etc_t', omit) }}"
backup: yes backup: yes
mode: 0640 mode: 0600
notify: Node | restart kubelet notify: Node | restart kubelet
tags: tags:
- kubelet - kubelet
@ -22,7 +22,7 @@
template: template:
src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2" src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2"
dest: "{{ kube_config_dir }}/kubelet-config.yaml" dest: "{{ kube_config_dir }}/kubelet-config.yaml"
mode: 0640 mode: 0600
notify: Kubelet | restart kubelet notify: Kubelet | restart kubelet
tags: tags:
- kubelet - kubelet