Security best practice fixes (#1783)

* Disable basic and token auth by default * Add recommended security params * allow basic auth to fail in tests * Enable TLS authentication for kubelet
2025-12-14 05:45:06 +03:00 · 2017-10-15 20:41:17 +01:00
parent 66e5e14bac
commit d487b2f927
9 changed files with 23 additions and 8 deletions
--- a/docs/getting-started.md
+++ b/docs/getting-started.md
@@ -93,7 +93,8 @@ the Kubernetes [documentation](https://kubernetes.io/docs/tasks/access-applicati
 Accessing Kubernetes Dashboard
 ------------------------------

-If the variable `dashboard_enabled` is set (default is true), then you can
+If the variable `dashboard_enabled` is set (default is true) as well as
+kube_basic_auth (default is false), then you can
 access the Kubernetes Dashboard at the following URL:

  https://kube:_kube-password_@_host_:6443/ui/
@@ -102,6 +103,9 @@ To see the password, refer to the section above, titled *Connecting to
 Kubernetes*. The host can be any kube-master or kube-node or loadbalancer
 (when enabled).

+To access the Dashboard with basic auth disabled, follow the instructions here:
+https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#command-line-proxy
+
 Accessing Kubernetes API
 ------------------------