API server should have the anonymous-auth argument set to false

kubernetes

Set up the kubernetes integration.

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Anonymous requests to the kubelet server should be disabled. When enabled, requests that are not rejected by other configured authentication methods are treated as anonymous requests. These requests are then served by the kubelet server.

Remediation

  1. If using a kubelet config file, edit the file to set authentication: anonymous:enabled to authentication: anonymous:false.

  2. If using executable arguments, edit the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and set the below parameter in the KUBELET_SYSTEM_PODS_ARGS variable:

--anonymous-auth=false
  1. Restart the kubelet service.