mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-25 16:08:08 +00:00
Merge pull request #233 from aquasecurity/clean-ocp-configs
Clean up OCP benchmark config.
This commit is contained in:
commit
8745df170a
cfg/ocp-3.10
@ -11,25 +11,20 @@ master:
|
|||||||
apiserver:
|
apiserver:
|
||||||
bins:
|
bins:
|
||||||
- openshift start master api
|
- openshift start master api
|
||||||
defaultconf: /etc/origin/master/master-config.yaml
|
|
||||||
|
|
||||||
scheduler:
|
scheduler:
|
||||||
bins:
|
bins:
|
||||||
- openshift start master controllers
|
- openshift start master controllers
|
||||||
defaultconf: /etc/origin/master/master-config.yaml
|
|
||||||
|
|
||||||
controllermanager:
|
controllermanager:
|
||||||
bins:
|
bins:
|
||||||
- openshift start master controllers
|
- openshift start master controllers
|
||||||
defaultconf: /etc/origin/master/master-config.yaml
|
|
||||||
|
|
||||||
etcd:
|
|
||||||
defaultconf: /etc/kubernetes/manifests/etcd.yaml
|
|
||||||
|
|
||||||
node:
|
node:
|
||||||
kubelet:
|
kubelet:
|
||||||
defaultconf: /etc/kubernetes/kubelet.conf
|
bins:
|
||||||
defaultsvc: /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
|
- openshift start network
|
||||||
|
|
||||||
proxy:
|
proxy:
|
||||||
defaultconf: /etc/kubernetes/addons/kube-proxy-daemonset.yaml
|
bins:
|
||||||
|
- openshift start network
|
||||||
|
@ -1043,7 +1043,7 @@ groups:
|
|||||||
remediation: |
|
remediation: |
|
||||||
On the etcd server node, get the etcd data directory, passed as an argument --data-dir ,
|
On the etcd server node, get the etcd data directory, passed as an argument --data-dir ,
|
||||||
from the below command:
|
from the below command:
|
||||||
ps -ef | grep $etcdbin
|
ps -ef | grep etcd
|
||||||
Run the below command (based on the etcd data directory found above). For example,
|
Run the below command (based on the etcd data directory found above). For example,
|
||||||
chmod 700 /var/lib/etcd
|
chmod 700 /var/lib/etcd
|
||||||
scored: true
|
scored: true
|
||||||
|
Loading…
Reference in New Issue
Block a user