kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #6651 from ericchiang/securing-a-cluster/tweak-kubelet-api-docs 

securing a cluster: update language of kubelet API recommendations
reviewable/pr6670/r1
Joseph Heck 2018-01-07 17:16:47 -08:00 committed by GitHub
parent 29870ef75b f9ae051650
commit 982fbbda34
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/tasks/administer-cluster/securing-a-cluster.md
View File

@ -73,11 +73,9 @@ Consult the [authorization reference section](/docs/admin/authorization/) for mo
## Controlling access to the Kubelet
Kubelets expose HTTPS endpoints which give access to data of varying sensitivity, and allow performing operations with varying levels of power on the node and within containers.
Kubelets expose HTTPS endpoints which grant powerful control over the node and containers. By default Kubelets allow unauthenticated access to this API.
By default, Kubelets allow full access to those endpoints.
To secure access to those endpoints, enable Kubelet authentication and authorization.
Production clusters should enable Kubelet authentication and authorization.
Consult the [Kubelet authentication/authorization reference](/docs/admin/kubelet-authentication-authorization) for more information.