mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2025-02-07 13:12:56 +00:00
Add config paths for microk8s (#556)
* Add config paths for microk8s * Fix order for kube-proxy conf path and fix yaml linting issue Co-authored-by: Mathis Kretz <mathis@bespinian.io> Co-authored-by: Liz Rice <liz@lizrice.com>
This commit is contained in:
Mathis Kretz
GitHub
parent
60f2fb592a
commit
9efd942bcc
@ -30,6 +30,7 @@ master:
|
|||||||
- /etc/kubernetes/manifests/kube-apiserver.yml
|
- /etc/kubernetes/manifests/kube-apiserver.yml
|
||||||
- /etc/kubernetes/manifests/kube-apiserver.manifest
|
- /etc/kubernetes/manifests/kube-apiserver.manifest
|
||||||
- /var/snap/kube-apiserver/current/args
|
- /var/snap/kube-apiserver/current/args
|
||||||
|
- /var/snap/microk8s/current/args/kube-apiserver
|
||||||
defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
|
defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
|
||||||
|
|
||||||
scheduler:
|
scheduler:
|
||||||
@ -43,6 +44,7 @@ master:
|
|||||||
- /etc/kubernetes/manifests/kube-scheduler.yml
|
- /etc/kubernetes/manifests/kube-scheduler.yml
|
||||||
- /etc/kubernetes/manifests/kube-scheduler.manifest
|
- /etc/kubernetes/manifests/kube-scheduler.manifest
|
||||||
- /var/snap/kube-scheduler/current/args
|
- /var/snap/kube-scheduler/current/args
|
||||||
|
- /var/snap/microk8s/current/args/kube-scheduler
|
||||||
defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
|
defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
|
||||||
|
|
||||||
controllermanager:
|
controllermanager:
|
||||||
@ -57,6 +59,7 @@ master:
|
|||||||
- /etc/kubernetes/manifests/kube-controller-manager.yml
|
- /etc/kubernetes/manifests/kube-controller-manager.yml
|
||||||
- /etc/kubernetes/manifests/kube-controller-manager.manifest
|
- /etc/kubernetes/manifests/kube-controller-manager.manifest
|
||||||
- /var/snap/kube-controller-manager/current/args
|
- /var/snap/kube-controller-manager/current/args
|
||||||
|
- /var/snap/microk8s/current/args/kube-controller-manager
|
||||||
defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
|
defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
|
||||||
|
|
||||||
etcd:
|
etcd:
|
||||||
@ -70,6 +73,7 @@ master:
|
|||||||
- /etc/etcd/etcd.conf
|
- /etc/etcd/etcd.conf
|
||||||
- /var/snap/etcd/common/etcd.conf.yml
|
- /var/snap/etcd/common/etcd.conf.yml
|
||||||
- /var/snap/etcd/common/etcd.conf.yaml
|
- /var/snap/etcd/common/etcd.conf.yaml
|
||||||
|
- /var/snap/microk8s/current/args/etcd
|
||||||
defaultconf: /etc/kubernetes/manifests/etcd.yaml
|
defaultconf: /etc/kubernetes/manifests/etcd.yaml
|
||||||
|
|
||||||
flanneld:
|
flanneld:
|
||||||
@ -93,6 +97,7 @@ node:
|
|||||||
- "/etc/kubernetes/pki/ca.crt"
|
- "/etc/kubernetes/pki/ca.crt"
|
||||||
- "/etc/kubernetes/certs/ca.crt"
|
- "/etc/kubernetes/certs/ca.crt"
|
||||||
- "/etc/kubernetes/cert/ca.pem"
|
- "/etc/kubernetes/cert/ca.pem"
|
||||||
|
- "/var/snap/microk8s/current/certs/ca.crt"
|
||||||
svc:
|
svc:
|
||||||
# These paths must also be included
|
# These paths must also be included
|
||||||
# in the 'confs' property below
|
# in the 'confs' property below
|
||||||
@ -100,6 +105,7 @@ node:
|
|||||||
- "/etc/systemd/system/kubelet.service"
|
- "/etc/systemd/system/kubelet.service"
|
||||||
- "/lib/systemd/system/kubelet.service"
|
- "/lib/systemd/system/kubelet.service"
|
||||||
- "/etc/systemd/system/snap.kubelet.daemon.service"
|
- "/etc/systemd/system/snap.kubelet.daemon.service"
|
||||||
|
- "/etc/systemd/system/snap.microk8s.daemon-kubelet.service"
|
||||||
bins:
|
bins:
|
||||||
- "hyperkube kubelet"
|
- "hyperkube kubelet"
|
||||||
- "kubelet"
|
- "kubelet"
|
||||||
@ -107,6 +113,7 @@ node:
|
|||||||
- "/etc/kubernetes/kubelet.conf"
|
- "/etc/kubernetes/kubelet.conf"
|
||||||
- "/var/lib/kubelet/kubeconfig"
|
- "/var/lib/kubelet/kubeconfig"
|
||||||
- "/etc/kubernetes/kubelet-kubeconfig"
|
- "/etc/kubernetes/kubelet-kubeconfig"
|
||||||
|
- "/var/snap/microk8s/current/credentials/kubelet.config"
|
||||||
confs:
|
confs:
|
||||||
- "/var/lib/kubelet/config.yaml"
|
- "/var/lib/kubelet/config.yaml"
|
||||||
- "/var/lib/kubelet/config.yml"
|
- "/var/lib/kubelet/config.yml"
|
||||||
@ -116,6 +123,7 @@ node:
|
|||||||
- "/etc/default/kubelet"
|
- "/etc/default/kubelet"
|
||||||
- "/var/lib/kubelet/kubeconfig"
|
- "/var/lib/kubelet/kubeconfig"
|
||||||
- "/var/snap/kubelet/current/args"
|
- "/var/snap/kubelet/current/args"
|
||||||
|
- "/var/snap/microk8s/current/args/kubelet"
|
||||||
## Due to the fact that the kubelet might be configured
|
## Due to the fact that the kubelet might be configured
|
||||||
## without a kubelet-config file, we use a work-around
|
## without a kubelet-config file, we use a work-around
|
||||||
## of pointing to the systemd service file (which can also
|
## of pointing to the systemd service file (which can also
|
||||||
@ -125,6 +133,7 @@ node:
|
|||||||
- "/etc/systemd/system/kubelet.service"
|
- "/etc/systemd/system/kubelet.service"
|
||||||
- "/lib/systemd/system/kubelet.service"
|
- "/lib/systemd/system/kubelet.service"
|
||||||
- "/etc/systemd/system/snap.kubelet.daemon.service"
|
- "/etc/systemd/system/snap.kubelet.daemon.service"
|
||||||
|
- "/etc/systemd/system/snap.microk8s.daemon-kubelet.service"
|
||||||
defaultconf: "/var/lib/kubelet/config.yaml"
|
defaultconf: "/var/lib/kubelet/config.yaml"
|
||||||
defaultsvc: "/etc/systemd/system/kubelet.service.d/10-kubeadm.conf"
|
defaultsvc: "/etc/systemd/system/kubelet.service.d/10-kubeadm.conf"
|
||||||
defaultkubeconfig: "/etc/kubernetes/kubelet.conf"
|
defaultkubeconfig: "/etc/kubernetes/kubelet.conf"
|
||||||
@ -142,11 +151,14 @@ node:
|
|||||||
- /etc/kubernetes/addons/kube-proxy-daemonset.yaml
|
- /etc/kubernetes/addons/kube-proxy-daemonset.yaml
|
||||||
- /etc/kubernetes/addons/kube-proxy-daemonset.yml
|
- /etc/kubernetes/addons/kube-proxy-daemonset.yml
|
||||||
- /var/snap/kube-proxy/current/args
|
- /var/snap/kube-proxy/current/args
|
||||||
|
- /var/snap/microk8s/current/args/kube-proxy
|
||||||
kubeconfig:
|
kubeconfig:
|
||||||
- "/etc/kubernetes/kubelet-kubeconfig"
|
- "/etc/kubernetes/kubelet-kubeconfig"
|
||||||
- "/var/lib/kubelet/kubeconfig"
|
- "/var/lib/kubelet/kubeconfig"
|
||||||
|
- "/var/snap/microk8s/current/credentials/proxy.config"
|
||||||
svc:
|
svc:
|
||||||
- "/lib/systemd/system/kube-proxy.service"
|
- "/lib/systemd/system/kube-proxy.service"
|
||||||
|
- "/etc/systemd/system/snap.microk8s.daemon-proxy.service"
|
||||||
defaultconf: /etc/kubernetes/addons/kube-proxy-daemonset.yaml
|
defaultconf: /etc/kubernetes/addons/kube-proxy-daemonset.yaml
|
||||||
defaultkubeconfig: "/etc/kubernetes/proxy.conf"
|
defaultkubeconfig: "/etc/kubernetes/proxy.conf"
|
||||||
|
|
||||||
@ -164,6 +176,7 @@ etcd:
|
|||||||
- /etc/etcd/etcd.conf
|
- /etc/etcd/etcd.conf
|
||||||
- /var/snap/etcd/common/etcd.conf.yml
|
- /var/snap/etcd/common/etcd.conf.yml
|
||||||
- /var/snap/etcd/common/etcd.conf.yaml
|
- /var/snap/etcd/common/etcd.conf.yaml
|
||||||
|
- /var/snap/microk8s/current/args/etcd
|
||||||
defaultconf: /etc/kubernetes/manifests/etcd.yaml
|
defaultconf: /etc/kubernetes/manifests/etcd.yaml
|
||||||
|
|
||||||
controlplane:
|
controlplane:
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user