Skip to content
Snippets Groups Projects
Unverified Commit 050bd052 authored by satandyh's avatar satandyh Committed by GitHub
Browse files

enchance security with CIS Kubernetes V1.23 (#10304) 

Benchmark item number 4.1.9
parent fe32de94
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
roles/kubernetes/node/tasks/kubelet.yml
+ 2
2
View file @ 050bd052
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
dest: "{{ kube_config_dir }}/kubelet.env" dest: "{{ kube_config_dir }}/kubelet.env"
setype: "{{ (preinstall_selinux_state != 'disabled') | ternary('etc_t', omit) }}" setype: "{{ (preinstall_selinux_state != 'disabled') | ternary('etc_t', omit) }}"
backup: yes backup: yes
mode: 0640 mode: 0600
notify: Node | restart kubelet notify: Node | restart kubelet
tags: tags:
- kubelet - kubelet
...@@ -22,7 +22,7 @@ ...@@ -22,7 +22,7 @@
template: template:
src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2" src: "kubelet-config.{{ kubeletConfig_api_version }}.yaml.j2"
dest: "{{ kube_config_dir }}/kubelet-config.yaml" dest: "{{ kube_config_dir }}/kubelet-config.yaml"
mode: 0640 mode: 0600
notify: Kubelet | restart kubelet notify: Kubelet | restart kubelet
tags: tags:
- kubelet - kubelet
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment