kubernetes-sigs
/
kubespray
mirror of https://github.com/kubernetes-sigs/kubespray.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kubespray/roles/kubernetes/control-plane/templates
History
Nicolas Goudry c6fcbf6ee0
Remove access to cluster from anonymous users (#11016) 
* feat: add user facing variable with default

* feat: remove rolebinding to anonymous users after init and upgrade

* feat: use file discovery for secondary control plane nodes

* feat: use file discovery for nodes

* fix: do not fail if rolebinding does not exist

* docs: add warning about kube_api_anonymous_auth

* style: improve readability of delegate_to parameter

* refactor: rename discovery kubeconfig file

* test: enable new variable in hardening and upgrade test cases

* docs: add option to config parameters

* test: multiple instances and upgrade
 		2024-04-02 23:54:12 -07:00
..
admission-controls.yaml.j2 project: fix var-spacing ansible rule (#10266) 2023-07-04 20:36:54 -07:00
apiserver-audit-policy.yaml.j2 make sure serviceaccounts/token is only in the metadata stage (#7679) 2021-06-07 08:38:40 -07:00
apiserver-audit-webhook-config.yaml.j2 Move kubernetes/master to kubernetes/control-plane (#7218) 2021-02-01 07:15:49 -08:00
apiserver-tracing.yaml.j2 [apiserver-kubelet/tracing]: add distributed tracing config variables (#10795) 2024-01-25 10:24:35 +01:00
eventratelimit.yaml.j2 [kubeadm] use v1beta3 configuration version 2022-06-15 00:57:20 -07:00
k8s-certs-renew.service.j2 Auto renew control plane certificates (#7358) 2021-03-22 11:22:48 -07:00
k8s-certs-renew.sh.j2 fix(k8s-certs-renew): Use kube_apiserver_port instead of hard-coding (#9620) 2022-12-27 18:17:35 -08:00
k8s-certs-renew.timer.j2 Move control plane certs renewal "spread out" into the systemd timer (#10596) 2023-11-08 12:35:20 +01:00
kubeadm-config.v1beta3.yaml.j2 fix: config hostname as string type in kubeadmConf rendering (#10997) 2024-03-22 03:54:25 -07:00
kubeadm-controlplane.v1beta3.yaml.j2 Remove access to cluster from anonymous users (#11016) 2024-04-02 23:54:12 -07:00
kubescheduler-config.yaml.j2 [kubernetes] Kube-scheduler: remove/update deprecated component config v1beta3 (#10484) 2023-09-29 00:22:45 -07:00
podnodeselector.yaml.j2 New PR default node selector (#10607) 2023-12-12 14:51:26 +01:00
podsecurity.yaml.j2 project: fix var-spacing ansible rule (#10266) 2023-07-04 20:36:54 -07:00
secrets_encryption.yaml.j2 project: fix var-spacing ansible rule (#10266) 2023-07-04 20:36:54 -07:00
webhook-authorization-config.yaml.j2 Move kubernetes/master to kubernetes/control-plane (#7218) 2021-02-01 07:15:49 -08:00
webhook-token-auth-config.yaml.j2 Add optional setting for ca data in auth webhook (#8777) 2022-05-05 14:52:43 -07:00