kube-bench 不适用于 k8s
[英]kube-bench is not applying on k8s
问题描述
I am trying to apply the kube-bench on k8s cluster on gcp environment.
我正在尝试在 gcp 环境中的 k8s 集群上应用 kube-bench。 while creating the cluster it is failing with message:在创建集群时它失败并显示消息:
Error: failed to generate container "<container_id>" spec: failed to generate spec: failed to mkdir "/srv/kubernetes": mkdir /srv: read-only file system
job.yml https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job-master.yaml job.yml https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job-master.yaml
git link: https://github.com/aquasecurity/kube-bench#installation git 链接: https://github.com/aquasecurity/kube-bench#installation
1 个解决方案
解决方案1
0 2022-01-17 23:38:20
Your trying to create folder inside folder with permission ReadOnly.您尝试在具有只读权限的文件夹内创建文件夹。
The easiest workaround to make it work is changing your path form:使其工作的最简单的解决方法是更改路径形式:
- name: srv-kubernetes
mountPath: /srv/kubernetes/
to fe :到 fe :
- name: srv-kubernetes
mountPath: /tmp/kubernetes/
The second solution is to change permissions for this folder.第二种解决方案是更改此文件夹的权限。
See also this and this questions with helpful answers, connected to your issue.另请参阅此问题和此问题以及与您的问题相关的有用答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.