mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-25 17:38:21 +00:00
a9422a6623
* Overhaul K3s 1.X checks Signed-off-by: Derek Nola <derek.nola@suse.com> * Overhaul K3s 2.X Checks Signed-off-by: Derek Nola <derek.nola@suse.com> * Overhaul K3s 4.X checks Signed-off-by: Derek Nola <derek.nola@suse.com> * Overhaul K3s 5.X checks Signed-off-by: Derek Nola <derek.nola@suse.com> * Add K3s cis-1.8 scan Signed-off-by: Derek Nola <derek.nola@suse.com> * Fix K3s 1.1.10 check Signed-off-by: Derek Nola <derek.nola@suse.com> * Merge journalctl checks for K3s Signed-off-by: Derek Nola <derek.nola@suse.com> * Matched Manual/Automated to correct scoring (false/true) Signed-off-by: Derek Nola <derek.nola@suse.com> * Remove incorrect use of check_for_default_sa.sh script Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: Derek Nola <derek.nola@suse.com> Co-authored-by: afdesk <work@afdesk.com>
59 lines
977 B
YAML
59 lines
977 B
YAML
---
|
|
## Version-specific settings that override the values in cfg/config.yaml
|
|
|
|
master:
|
|
components:
|
|
- apiserver
|
|
- scheduler
|
|
- controllermanager
|
|
- etcd
|
|
- policies
|
|
|
|
apiserver:
|
|
bins:
|
|
- containerd
|
|
|
|
scheduler:
|
|
bins:
|
|
- containerd
|
|
kubeconfig:
|
|
- /var/lib/rancher/k3s/server/cred/scheduler.kubeconfig
|
|
|
|
controllermanager:
|
|
bins:
|
|
- containerd
|
|
kubeconfig:
|
|
- /var/lib/rancher/k3s/server/cred/controller.kubeconfig
|
|
|
|
|
|
etcd:
|
|
bins:
|
|
- containerd
|
|
|
|
etcd:
|
|
components:
|
|
- etcd
|
|
|
|
etcd:
|
|
confs: /var/lib/rancher/k3s/server/db/etcd/config
|
|
|
|
node:
|
|
components:
|
|
- kubelet
|
|
- proxy
|
|
|
|
kubelet:
|
|
bins:
|
|
- containerd
|
|
defaultkubeconfig: /var/lib/rancher/k3s/agent/kubelet.kubeconfig
|
|
defaultcafile: /var/lib/rancher/k3s/agent/client-ca.crt
|
|
|
|
proxy:
|
|
bins:
|
|
- containerd
|
|
defaultkubeconfig: /var/lib/rancher/k3s/agent/kubeproxy.kubeconfig
|
|
|
|
policies:
|
|
components:
|
|
- policies
|