Skip to content

luckylittle/ansible-role-openshift4-cis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.github
.github
 
 
defaults
defaults
 
 
docs
docs
 
 
handlers
handlers
 
 
meta
meta
 
 
tasks
tasks
 
 
tests
tests
 
 
vars
vars
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

WIP -- ansible-role-openshift4-cis

Based on CIS Kubernetes Benchmark v1.5.1 [14 Feb 2020].

Requirements

Tested on ansible 2.9.4. It also requires kubectl for the category 5 tasks.

Role Variables

  • scored
  • not_scored
  • level_1
  • level_2
  • path_to_cni_files
  • proxy_kubeconfig_file
  • client_ca_file
  • kubelet_config

Dependencies

Unknown at the moment

Example Playbook

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

  • requirements.yml:
- src: https://github.com/luckylittle/ansible-role-openshift4-cis
  version: master
  • playbook.yaml:
- hosts: all
  remote_user: core
  roles:
    - ansible-role-openshift4-cis
  • Execution:
ansible-galaxy install --force -r requirements.yml -p roles/
ansible-playbook -i inventory

The inventory must contain specific host groups, that the role relies on:

[localhost]
localhost

[masters]
master[0:2]

[etcd:children]
masters

[workers]
worker[0:4]

License

MIT

Author Information

Lucian Maly <lucian@redhat.com>

Some inspiration from this source was used.

Last update: Mon Mar 30 04:25:20 UTC 2020

About

CIS Kubernetes Benchmark 1.5.1 tailored to Red Hat OpenShift v4

Topics

kubernetes ansible cis openshift ansible-role hardening kubernetes-hardening openshift4 openshift4-cis openshift-hardening ansible-hardening-role

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published