Skip to content

Commit

Permalink
Add Node IPs to kubelet systemd service allowed IP addresses for clus…
Browse files Browse the repository at this point in the history 
…ter hardening
  • Loading branch information
Hadi Azaddel committed Jun 10, 2024
1 parent f85e969 commit a720c2b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/operations/hardening.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ kubelet_systemd_hardening: true
# IP addresses, kubelet_secure_addresses allows you
# to specify the IP from which the kubelet
# will receive the packets.
kubelet_secure_addresses: "localhost link-local {{ kube_pods_subnet }} 192.168.10.110 192.168.10.111 192.168.10.112"
kubelet_secure_addresses: "localhost link-local {{ kube_pods_subnet }} {{ groups['all'] | map('extract', hostvars, ['ansible_host']) | join(' ') }}""
# additional configurations
kube_owner: root
Expand Down

0 comments on commit a720c2b

Please sign in to comment.