From 2e1f63f951c82a76fd20b19b811592535962c82d Mon Sep 17 00:00:00 2001
From: Florent Delannoy <florent.delannoy@gmail.com>
Date: Mon, 8 Jun 2020 18:55:12 +0100
Subject: [PATCH] Set readOnlyPort to 0 (#390)

See CIS Benchmark 4.2.4

Co-authored-by: Florent Delannoy <florent.delannoy.external@ynap.com>
---
 files/kubelet-config.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/files/kubelet-config.json b/files/kubelet-config.json
index af57dbf90..ad7aa2edd 100644
--- a/files/kubelet-config.json
+++ b/files/kubelet-config.json
@@ -23,6 +23,7 @@
   },
   "clusterDomain": "cluster.local",
   "hairpinMode": "hairpin-veth",
+  "readOnlyPort": 0,
   "cgroupDriver": "cgroupfs",
   "cgroupRoot": "/",
   "featureGates": {