lacework-global-738

Set the --make-iptables-util-chains argument to true (Automated)

Description

Allow Kubelet to manage iptables.

Remediation

If using a Kubelet config file:

Edit the file to set makeIPTablesUtilChains: true.

If using command line arguments:

Edit the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and remove the --make-iptables-util-chains argument from the KUBELET_SYSTEM_PODS_ARGS variable, so that the kubelet falls back to its default value of true.

Reload the systemd configuration so that the change takes effect:

systemctl daemon-reload

Then restart the kubelet service using:

systemctl restart kubelet.service
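
To confirm the result on a node, the check below reports the effective setting from both places the remediation touches. It is an added example, not part of the Lacework policy or of Kubernetes. The function name and the PASS/FAIL strings are hypothetical, the file paths are passed in as arguments, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: report the effective makeIPTablesUtilChains setting.
# Usage: audit_iptables_util_chains <kubelet-config.yaml> <systemd-drop-in>
audit_iptables_util_chains() {
    config_file=$1
    dropin_file=$2

    # 1. A command-line flag overrides the config file. Skip commented
    #    lines and take the last occurrence of the flag.
    flag=$(grep -v '^[[:space:]]*#' "$dropin_file" 2>/dev/null |
        grep -Eo -- '--make-iptables-util-chains(=[A-Za-z0-9]+)?' | tail -n 1)
    if [ -n "$flag" ]; then
        # A bare boolean flag means true; otherwise accept the spellings
        # that Go's boolean parsing treats as true.
        case ${flag#--make-iptables-util-chains} in
            ""|=true|=True|=TRUE|=1|=t|=T) echo "PASS flag"; return 0 ;;
            *) echo "FAIL flag"; return 1 ;;
        esac
    fi

    # 2. No flag: read the top-level key from the config file.
    value=$(sed -n 's/^makeIPTablesUtilChains:[[:space:]]*\([A-Za-z]*\).*/\1/p' \
        "$config_file" 2>/dev/null | tail -n 1)
    case $value in
        "")   echo "PASS default"; return 0 ;;  # key absent: default is true
        true) echo "PASS config";  return 0 ;;
        *)    echo "FAIL config";  return 1 ;;  # false or unrecognised value
    esac
}

# Constructed sample inputs (not taken from a real node).
demo=$(mktemp -d)
printf 'kind: KubeletConfiguration\nmakeIPTablesUtilChains: true\n' \
    > "$demo/config.yaml"
printf '%s\n' '[Service]' \
    'Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --make-iptables-util-chains=false"' \
    > "$demo/10-kubeadm.conf"
# The flag wins over the config file, so this prints "FAIL flag".
audit_iptables_util_chains "$demo/config.yaml" "$demo/10-kubeadm.conf" || :
rm -rf "$demo"
```

A "FAIL flag" result means the drop-in still carries the argument with a non-true value, which is the case the command-line remediation above removes.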

References

https://kubernetes.io/docs/reference/config-api/kubelet-config.v1beta1/
https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/
https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/