A GKE Cluster's Kubelet should have the eventRecordQPS entry set

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

Security relevant information should be captured. The eventRecordQPS setting in the Kubelet configuration controls the rate at which events are recorded, limiting the maximum number of events created per second. Setting this value too low may result in important events not being logged. Conversely, setting it to 0 (unlimited) could lead to a denial of service on the Kubelet.

Remediation

Choose one of the following remediation methods. For both methods, a restart of the Kubelet service is required.

Kubelet config file

  1. Add the following JSON to the <path-to-file>/10-kubeadm.conf file.
"eventRecordQPS": <integer>

Note: The default value is 50. The recommended value is 0 for unlimited.

Executable arguments

Note: The executable argument has been deprecated for this feature.