Kubelet nodes should only be authorized to read objects they are associated with
Set up the kubernetes integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description
Kubelet nodes should only read objects associated to them. The Node authorization mode only allows kubelets to read Secret
, ConfigMap
, PersistentVolume
, and PersistentVolumeClaim
objects associated with their nodes.
Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
on the master node, and set the --authorization-mode
parameter to a value that includes Node
. For example, --authorization-mode=Node,RBAC
.