I was kubeadm installed k8s, Aqua now scanning through a configuration problem, we need to modify the startup parameters kubelet;
The default configuration file is named: 10-kubeadm.conf
#vim /usr/lib/systemd/system/kubelet.service.d/10-kubeadm.conf # Note: This dropin only works with kubeadm and kubelet v1.11+ [Service] Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" Environment="KUBE_ALLOW_PRIV=--allow-privileged=false" # This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env # This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use # the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file. EnvironmentGoogle nmentFile ro = - / etc / sysconfig / omelet ExecStart = ExecStart = / usr / bin / omelet KUBELET_KUBECONFIG_ARGS $ $ $ KUBELET_CONFIG_ARGS KUBELET_KUBEADM_ARGS $ KUBELET_EXTRA_ARGS $ KUBE_ALLOW_PRIV
For example, I also need to add then add a key in ExecStart:
KUBE_ALLOW_PRIV=--allow-privileged=false
Loading a configuration file restart kubelet
# systemctl stop kubelet # systemctl daemon-reload # systemctl start kubelet