0

I'm fixing pentest issues on a k8s bare metal infrastructure, deployed with ansible playbooks.

I've found that most of the modification to be done lay on the /etc/kubernetes/manifests/kube-apiserver.yaml file on the k8s master node.

I'm not really use to kubespray deep dived into the and wasn't able to identify where the API Server specification file is pulled from.

I aim to accurately modify ansible playbooks in order to automate changes. Can one here guide through with it please?

Frant
  • 5,382
  • 1
  • 16
  • 22
nixmind
  • 2,060
  • 6
  • 32
  • 54

1 Answers1

1

Kubespray supports kubeadm for cluster creation since v2.3.

kubeadm uses /etc/kuberntes/manifests as the path where kubelet should look for stating pod manifests. If you change anything in the files containing on that directory then kubelet detect the changes and deploy the change.

To learn more click here

hoque
  • 5,735
  • 1
  • 19
  • 29
  • Yes I understand @hoque but that still doesn't let me know where this file is hosted or from where it's generated before being rendered by `ansible` in the above manifests path – nixmind May 08 '20 at 22:26
  • I'm trying to play with `kube_kubeadm_apiserver_extra_args`, `kube_kubeadm_controller_extra_args`, `kube_kubeadm_scheduler_extra_args` , but still don't get to the alterate the config on the master node... – nixmind May 12 '20 at 19:29