Skip to content
This repository has been archived by the owner on Oct 24, 2023. It is now read-only.

feat: adding windows defender process exclusions #2967

Merged
merged 1 commit into from Apr 2, 2020
Merged

feat: adding windows defender process exclusions #2967

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
8 changes: 8 additions & 0 deletions parts/k8s/kuberneteswindowsfunctions.ps1
View file
Open in desktop
Expand Up @@ -233,3 +233,11 @@ function Assert-FileExists {
throw "$Filename does not exist"
}
}

function Update-DefenderPreferences {
Add-MpPreference -ExclusionProcess "c:\k\kubelet.exe"

if ($global:EnableCsiProxy) {
Add-MpPreference -ExclusionProcess "c:\k\csi-proxy-server.exe"
}
}
3 changes: 2 additions & 1 deletion parts/k8s/kuberneteswindowssetup.ps1
View file
Open in desktop
Expand Up @@ -406,7 +406,8 @@ try
Adjust-DynamicPortRange
Register-LogsCleanupScriptTask
Register-NodeResetScriptTask

Update-DefenderPreferences

if (Test-Path $CacheDir)
{
Write-Log "Removing aks-engine bits cache directory"
Expand Down
11 changes: 10 additions & 1 deletion pkg/engine/templates_generated.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.