mirrors/kubernetes-the-hard-way
1
0
Fork 0
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way.git synced 2025-12-15 01:08:58 +03:00
Code Issues Projects Releases Wiki Activity

Protect the Kubelet API

Browse Source 
Setting required to prevent: https://github.com/kayrus/kubelet-exploit
This commit is contained in:
bgeesaman
2017-09-01 23:45:42 -04:00
committed by GitHub
parent 4ca7c45046
commit 12ce8c5a89
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/09-bootstrapping-kubernetes-workers.md
View File

@@ -185,6 +185,7 @@ Requires=crio.service
[Service] [Service]
ExecStart=/usr/local/bin/kubelet \\ ExecStart=/usr/local/bin/kubelet \\
--authorization-mode=Webhook \\
--allow-privileged=true \\ --allow-privileged=true \\
--cluster-dns=10.32.0.10 \\ --cluster-dns=10.32.0.10 \\
--cluster-domain=cluster.local \\ --cluster-domain=cluster.local \\