Hello,
I cannot PASS the checks for:
[INFO] 4 Worker Node Security Configuration
[INFO] 4.1 Worker Node Configuration Files
as you can see in the image, the changes are done, but I still got FAIL for both of them,
Thank you!
This is because you ran it on controlplane, which itself is a worker node because it has a kubelet.
The task asked you to set permissions on that file on node01
If you download kube-bench to node01 and run it there you will find:
- That the output begins with section 4 (worker node), because node01 does not have control plane components.
- That task
4.1.1is green and passed.
There is no magic that allows kube-bench running on one node to examine the filesystem of another. It works only for the node you run it on in terms of those checks.
Hello,
You’re right, indeed, it makes sense to scan only the existing node. The system passed all the checks in the end,
Thank you!