lacework-global-736

Set the --read-only-port argument to 0 (Automated)

Description

Disable the read-only port.

Remediation

Note: Kubernetes has deprecated this command-line parameter. Set the value in the config file specified by the kubelet's --config flag instead.

If using a Kubelet config file:

Edit the file to set readOnlyPort to 0.

If using command line arguments:

Edit the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and set the following parameter in the KUBELET_SYSTEM_PODS_ARGS variable:

--read-only-port=0

Reload the systemd configuration so the changes take effect:

systemctl daemon-reload

Then restart the kubelet service using:

systemctl restart kubelet.service
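
An audit check for the remediation above, as an added example that is not part of the original policy page or of any Lacework or Kubernetes tooling: it reports the read-only port a kubelet would use, given its command line and config file. Assumptions: the function names and sample values are constructed here, the config file is YAML with readOnlyPort as a top-level key, a command-line flag overrides the config file value, and an unset value is reported as a failure instead of relying on defaults.

```shell
# Added example: audit --read-only-port / readOnlyPort for one kubelet.
# All function names here are hypothetical helpers, not kubelet tooling.

# Value of --read-only-port on a kubelet command line ("=0" or " 0" form).
# Prints nothing if the flag is absent; the last occurrence wins.
flag_value() {
  printf '%s\n' "$1" | tr -s ' \t' '\n' | awk '
    /^--read-only-port=/ { sub(/^--read-only-port=/, ""); v = $0 }
    prev == "--read-only-port" { v = $0 }
    { prev = $0 }
    END { if (v != "") print v }'
}

# Value of the top-level readOnlyPort key in a YAML kubelet config file.
# Prints nothing if the file is unreadable or the key is absent.
config_value() {
  [ -r "$1" ] || return 0
  sed -n 's/^readOnlyPort:[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | head -n 1
}

# $1 = kubelet command line, $2 = config file path.
# Assumption: a command-line flag overrides the config file value.
effective_read_only_port() {
  local v
  v=$(flag_value "$1")
  [ -n "$v" ] || v=$(config_value "$2")
  printf '%s\n' "${v:-unset}"
}

# Passes only when the port is explicitly 0; "unset" is reported as a failure
# (an assumption of this example, so the result never depends on defaults).
check_read_only_port() {
  local v
  v=$(effective_read_only_port "$1" "$2")
  if [ "$v" = "0" ]; then echo "PASS: read-only port disabled"; return 0; fi
  echo "FAIL: read-only port is '$v'"; return 1
}

# Constructed sample input, not taken from a real node.
sample_cfg=$(mktemp)
printf 'kind: KubeletConfiguration\nreadOnlyPort: 10255\n' > "$sample_cfg"
check_read_only_port "/usr/bin/kubelet --config=$sample_cfg" "$sample_cfg" || true
check_read_only_port "/usr/bin/kubelet --config=$sample_cfg --read-only-port=0" "$sample_cfg"
```

On a node, pass the running kubelet's command line (for example the output of `ps -o args= -C kubelet`) and the path given to --config.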

References

https://kubernetes.io/docs/reference/access-authn-authz/node/
https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/