kube-bench icon indicating copy to clipboard operation
kube-bench copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

Kube-bench support for kubeadm testing

Open lizrice opened this issue 8 years ago • 5 comments
trafficstars

See discussion started under issue #56. It would be great to use kube-bench as part of kubeadm testing to ensure sensible defaults.

lizrice avatar Nov 01 '17 15:11 lizrice

Tagging @luxas who had the original idea :-)

lizrice avatar Nov 01 '17 15:11 lizrice

Could you test to run kube-bench against a kubeadm cluster and post the results here? I might be able to do it as well, but will be delayed a some weeks or so in that case :(

After we have the inital report for v1.8, we can see how both kube-bench and kubeadm can be improved. Eventually, as a consequence of that work, we can start automatically enforcing these test results in automated e2e tests.

Cheers, thanks for the great project!

luxas avatar Nov 01 '17 18:11 luxas

@luxas just as an FYI, I'm working on securing a cluster using kube-bench and generating a kubeadm configuration file using jsonnet. The project is here: https://github.com/apptio/kubeadm-bootstrap/issues/4

The complete configuration file will be here: https://github.com/apptio/kubeadm-bootstrap/blob/master/lib/kubeadm.libsonnet

This might help in future.

jaxxstorm avatar Jan 30 '18 17:01 jaxxstorm

Hey @jaxxstorm @luxas are you guys still looking into this?

robertojrojas avatar Nov 06 '19 23:11 robertojrojas

I'm not, I've stepped down from kubeadm day-to-day development.

luxas avatar Nov 24 '19 10:11 luxas