disable kubelet_authorization_mode_webhook by default (#9239)
This commit is contained in:
parent
4a6600002f
commit
453dbcef1d
2 changed files with 1 additions and 2 deletions
|
@ -74,7 +74,6 @@ kube_kubeadm_scheduler_extra_args:
|
||||||
etcd_deployment_type: kubeadm
|
etcd_deployment_type: kubeadm
|
||||||
|
|
||||||
## kubelet
|
## kubelet
|
||||||
kubelet_authorization_mode_webhook: true
|
|
||||||
kubelet_authentication_token_webhook: true
|
kubelet_authentication_token_webhook: true
|
||||||
kube_read_only_port: 0
|
kube_read_only_port: 0
|
||||||
kubelet_rotate_server_certificates: true
|
kubelet_rotate_server_certificates: true
|
||||||
|
|
|
@ -484,7 +484,7 @@ rbac_enabled: "{{ 'RBAC' in authorization_modes }}"
|
||||||
kubelet_authentication_token_webhook: true
|
kubelet_authentication_token_webhook: true
|
||||||
|
|
||||||
# When enabled, access to the kubelet API requires authorization by delegation to the API server
|
# When enabled, access to the kubelet API requires authorization by delegation to the API server
|
||||||
kubelet_authorization_mode_webhook: true
|
kubelet_authorization_mode_webhook: false
|
||||||
|
|
||||||
# kubelet uses certificates for authenticating to the Kubernetes API
|
# kubelet uses certificates for authenticating to the Kubernetes API
|
||||||
# Automatically generate a new key and request a new certificate from the Kubernetes API as the current certificate approaches expiration
|
# Automatically generate a new key and request a new certificate from the Kubernetes API as the current certificate approaches expiration
|
||||||
|
|
Loading…
Reference in a new issue