Moritz Eckert
6dc97590fe
Enable and configure k8s audit-log ( #160 )
...
* Enable and configure k8s audit-log
* Update coordinator/kubernetes/k8sapi/kubeadm_config.go
Co-authored-by: Malte Poll <mp@edgeless.systems>
* add mount point for audit log dir in kubeadm conf
* Mount audit policy into kube-apiserver static pod
* Write default auditpolicy on cluster init / cluster join
Co-authored-by: Malte Poll <mp@edgeless.systems>
2022-05-20 17:30:37 +02:00
Moritz Eckert
5ad34e0425
Apply CIS benchmark to kubelet conf
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: Moritz Eckert <me@edgeless.systems>
2022-05-12 17:25:45 +02:00
Moritz Eckert
adda637609
Apply CIS benchmark for kubeadm clusterconf
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-12 17:25:45 +02:00
Malte Poll
ddcb4dc95f
Pin kubernetes version deployed by kubeadm init
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-05 09:15:41 +02:00
Daniel Weiße
d9940fddae
Only set cloud-provider as external if supported by the CSP
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-28 14:46:24 +02:00
Benedict Schlueter
0ac9617dac
kubernetes: support for certKey request / support for control-plane join
...
Signed-off-by: Benedict Schlueter <bs@edgeless.systems>
2022-04-25 17:39:18 +02:00
Malte Poll
f77536b38b
Use containerd CRI socket in kubernetes
2022-04-04 10:57:54 +02:00
Leonard Cohnen
2d8fcd9bf4
monorepo
...
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00