CIS 1.6 Benchmark - Self-Assessment Guide - Rancher v2.5.4
--insecure-port=0 --requestheader-group-headers=X-Remote-Group --secure-port=6443 --enable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,Mut
0 points | 132 pages | 1.12 MB | 1 year ago

CIS Benchmark Rancher Self-Assessment Guide - v2.4
kubernetes/manifests/kube-apiserver.yaml on the master node and either remove the --enable-admission-plugins parameter, or set it to a value that does not include AlwaysAdmit. Audit: /bin/ps -ef | grep kube-apiserver PersistentVolumeClaimResize,PodSecurityPolicy,EventRateLimit' not have 'AlwaysAdmit' OR '--enable-admission-plugins' is not present 1.2.14 Ensure that the admission /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and ensure that the --disable-admission-plugins parameter is set to a value that does not include ServiceAccount. Audit: /bin/ps -ef | grep kube-apiserver
0 points | 54 pages | 447.77 KB | 1 year ago

CIS 1.5 Benchmark - Self-Assessment Guide - Rancher v2.5
kubernetes/manifests/kube-apiserver.yaml on the master node and either remove the --enable-admission-plugins parameter, or set it to a value that does not include AlwaysAdmit. Audit: /bin/ps -ef | grep kube-apiserver PersistentVolumeClaimResize,PodSecurityPolicy,EventRateLimit' not have 'AlwaysAdmit' OR '--enable-admission-plugins' is not present 1.2.14 Ensure that /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and ensure that the --disable-admission-plugins parameter is set to a value that does not include ServiceAccount. Audit: /bin/ps -ef | grep kube-apiserver
0 points | 54 pages | 447.97 KB | 1 year ago

Hardening Guide - Rancher v2.3.3+
ut: --anonymous-auth=false --profiling=false --service-account-lookup=true --enable-admission-plugins=ServiceAccount,NamespaceLifecycle,LimitRanger,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota secrets_encryption_config: enabled: true extra_args: anonymous-auth: "false" enable-admission-plugins: "ServiceAccount,NamespaceLifecycle,LimitRanger,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota extra_binds: - "/opt/kubernetes:/opt/kubernetes" For k8s 1.14 enable-admission-plugins should be enable-admission-plugins: "ServiceAccount,NamespaceLifecycle,LimitRanger,PersistentVolumeLabel,DefaultStorageClass
0 points | 44 pages | 279.78 KB | 1 year ago

Rancher CIS Kubernetes v.1.4.0 Benchmark Self Assessment
(Scored) Audit docker inspect kube-apiserver | jq -e '.[0].Args[] | match("--enable-admission-plugins=.*(AlwaysAdmit).*").captures[].string' Returned Value: null Result: Pass 1.1.11 - Ensure that (Scored) Audit docker inspect kube-apiserver | jq -e '.[0].Args[] | match("--enable-admission-plugins=.*(AlwaysPullImages).*").captures[].string' Returned Value: AlwaysPullImages Result: Pass 1 (Scored) Audit docker inspect kube-apiserver | jq -e '.[0].Args[] | match("--enable-admission-plugins=.*(DenyEscalatingExec).*").captures[].string' Returned Value: DenyEscalatingExec Result: Pass
0 points | 47 pages | 302.56 KB | 1 year ago

Rancher Hardening Guide Rancher v2.1.x
ensure that the file contains: apiVersion: apiserver.k8s.io/v1alpha1 kind: AdmissionConfiguration plugins: - name: EventRateLimit path: /etc/kubernetes/event.yaml For event.yaml ensure that the file yaml set the contents to: apiVersion: apiserver.k8s.io/v1alpha1 kind: AdmissionConfiguration plugins: - name: EventRateLimit path: /etc/kubernetes/event.yaml For event.yaml set the contents to: --profiling=false --repair-malformed-updates=false --service-account-lookup=true --enable-admission-plugins= "ServiceAccount,NamespaceLifecycle,LimitRanger,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota
0 points | 24 pages | 336.27 KB | 1 year ago

Cloud Native Contrail Networking Installation and Life Cycle Management Guide for Rancher RKE2
'https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz' c. Untar and gunzip the .tgz file. tar -xzvf cni-plugins-linux-amd64-v1.1.1.tgz 62 Configure 'https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz' c. Untar and gunzip the .tgz file. tar -xzvf cni-plugins-linux-amd64-v1.1.1.tgz 65 Configure
0 points | 72 pages | 1.01 MB | 1 year ago