adrien/ansible-role-kubernetes
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Enable PodSecurityPolicy and configure auditing
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse source
This commit is contained in:
Adrien Reslinger 2020-07-08 00:27:43 +02:00
parent e8ebff30cc
commit cc7227c86d
3 changed files with 82 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
templates/kubeadm-config.yaml.j2
View file

@ -78,7 +78,9 @@ controlPlaneEndpoint: "{{ ansible_default_ipv4.address }}:6443"
{% endif %}
apiServer:
extraArgs:
enable-admission-plugins: NodeRestriction,PodSecurityPolicy
authorization-mode: "Node,RBAC"
audit-policy-file: "/etc/kubernetes/audit-policy.yaml"
audit-log-path: "/var/log/apiserver/audit.log"
audit-log-maxage: "30"
audit-log-maxbackup: "10"