CIS Kubernetes Benchmark 1.5.1 tailored to Red Hat OpenShift v4

luckylittle/ansible-role-openshift4-cis

WIP -- ansible-role-openshift4-cis

Based on CIS Kubernetes Benchmark v1.5.1 [14 Feb 2020].

Requirements

Tested on Ansible 2.9.4. The category 5 tasks also require kubectl.

Role Variables

  • scored
  • not_scored
  • level_1
  • level_2
  • path_to_cni_files
  • proxy_kubeconfig_file
  • client_ca_file
  • kubelet_config

Dependencies

Unknown at the moment

Example Playbook

An example of how to use the role:

  • requirements.yml:

    - src: https://github.com/luckylittle/ansible-role-openshift4-cis
      version: master

  • playbook.yaml:

    - hosts: all
      remote_user: core
      roles:
        - ansible-role-openshift4-cis

  • Execution:

    ansible-galaxy install --force -r requirements.yml -p roles/
    ansible-playbook -i inventory playbook.yaml

The inventory must contain the specific host groups that the role relies on:

[localhost]
localhost

[masters]
master[0:2]

[etcd:children]
masters

[workers]
worker[0:4]
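
A pre-flight check for the host groups listed above, as an added example that is not part of the role: it parses a simplified INI inventory (group headers, :children sections and simple numeric ranges such as master[0:2] only) and reports required groups that are undefined or resolve to no hosts. The function names and REQUIRED_GROUPS are assumptions made for this example.

```python
import re

REQUIRED_GROUPS = ("localhost", "masters", "etcd", "workers")  # groups named in the README
# Constructed sample: the README inventory with blank lines removed.
SAMPLE_INVENTORY = """\
[localhost]
localhost
[masters]
master[0:2]
[etcd:children]
masters
[workers]
worker[0:4]
"""

RANGE = re.compile(r"\[(\d+):(\d+)\]")  # inclusive numeric range, e.g. [0:2]

def expand(pattern):
    """Expand one numeric range such as master[0:2] into host names."""
    m = RANGE.search(pattern)
    if not m:
        return [pattern]
    lo, hi = int(m.group(1)), int(m.group(2))
    return [pattern[:m.start()] + str(i) + pattern[m.end():] for i in range(lo, hi + 1)]

def parse_inventory(text):
    """Return {group: sorted host names}, following :children references."""
    hosts, children, section, kind = {}, {}, None, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section, _, kind = line[1:-1].partition(":")
            hosts.setdefault(section, set())
            children.setdefault(section, set())
        elif line and kind == "children":
            children[section].add(line)
        elif line and kind == "":
            hosts[section].update(expand(line.split()[0]))  # drop inline host vars
    def resolve(group, seen=()):
        found = set(hosts.get(group, ()))
        for child in children.get(group, set()) - set(seen):  # skip cycles
            found |= resolve(child, seen + (group,))
        return found
    return {group: sorted(resolve(group)) for group in hosts}

def missing_groups(text, required=REQUIRED_GROUPS):
    """Required groups that are undefined or resolve to zero hosts."""
    groups = parse_inventory(text)
    return [g for g in required if not groups.get(g)]
```

An empty list from missing_groups() means every group the role relies on is present and has at least one host.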

License

MIT

Author Information

Lucian Maly <lucian@redhat.com>

Some inspiration from this source was used.


Last update: Mon Mar 30 04:25:20 UTC 2020