public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-16 01:53:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Applied same fix for 2.1 and 2.2.

Browse Source
This commit is contained in:
David Noland
2019-10-23 21:49:06 -07:00
parent 50cb4dadd1
commit e7119e1fd1
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/rancher/v2.x/en/security/hardening-2.1/_index.md
+2 -2
View File
@@ -366,8 +366,8 @@ To pass the following controls in the CIS benchmark, ensure the appropriate flag
Inspect the Kubelet containers on all hosts and verify that they are running with the following options:
- `--streaming-connection-idle-timeout=<duration greater than 0>`
- `--protect-kernel-defaults=false`
- `--make-iptables-util-chains=false`
- `--protect-kernel-defaults=true`
- `--make-iptables-util-chains=true`
- `--event-qps=0`
**Remediation**
content/rancher/v2.x/en/security/hardening-2.2/_index.md
+2 -2
View File
@@ -385,8 +385,8 @@ Inspect the Kubelet containers on all hosts and verify that they are running wit
- `--streaming-connection-idle-timeout=<duration greater than 0>`
- `--authorization-mode=Webhook`
- `--protect-kernel-defaults=false`
- `--make-iptables-util-chains=false`
- `--protect-kernel-defaults=true`
- `--make-iptables-util-chains=true`
- `--event-qps=0`
- `--anonymous-auth=false`
- `--feature-gates="RotateKubeletServerCertificate=true"`