hardening: Add SeccompDefault admission plugin for kubelet (#9074)

* docs(hardening): add SeccompDefault admission plugin to kubelet feature gates * fix(kubelet-config): enable config through kubelet_feature_gates * feat(kubelet): add kubelet_seccomp_default variable
2025-12-14 13:54:37 +03:00 · 2022-07-19 09:50:07 +02:00
parent 98c194735c
commit 3ce5458f32
2 changed files with 7 additions and 3 deletions
--- a/docs/hardening.md
+++ b/docs/hardening.md
@@ -83,7 +83,8 @@ kubelet_event_record_qps: 1
 kubelet_rotate_certificates: true
 kubelet_streaming_connection_idle_timeout: "5m"
 kubelet_make_iptables_util_chains: true
-kubelet_feature_gates: ["RotateKubeletServerCertificate=true"]
+kubelet_feature_gates: ["RotateKubeletServerCertificate=true","SeccompDefault=true"]
+kubelet_seccomp_default: true

 # additional configurations
 kube_owner: root