API server should have the anonymous-auth argument set to false

kubernetes

Set up the kubernetes integration.

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

Anonymous requests to the kubelet server should be disabled. When enabled, requests that are not rejected by other configured authentication methods are treated as anonymous requests. These requests are then served by the kubelet server.

Remediation

  1. If using a kubelet config file, edit the file to set authentication: anonymous:enabled to authentication: anonymous:false.

  2. If using executable arguments, edit the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and set the below parameter in the KUBELET_SYSTEM_PODS_ARGS variable:

--anonymous-auth=false
  1. Restart the kubelet service.