A GKE Cluster's Kubelet should have the eventRecordQPS entry set
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
Security relevant information should be captured. The eventRecordQPS
setting in the Kubelet configuration controls the rate at which events are recorded, limiting the maximum number of events created per second. Setting this value too low may result in important events not being logged. Conversely, setting it to 0 (unlimited) could lead to a denial of service on the Kubelet.
Choose one of the following remediation methods. For both methods, a restart of the Kubelet service is required.
Kubelet config file
- Add the following JSON to the
<path-to-file>/10-kubeadm.conf
file.
"eventRecordQPS": <integer>
Note: The default value is 50. The recommended value is 0 for unlimited.
Executable arguments
Note: The executable argument has been deprecated
for this feature.