Workload misconfigurations

Kubernetes node’s kubelet streaming-connection-idle-timeout is set 0

Risk Level

Informational (4)

Platform(s)
  • N/A

Description

The kubelet reads various parameters, including security settings, from a config file. Setting idle timeouts ensures that you are protected against Denial-of-Service attacks, inactive connections and running out of ephemeral ports. Orca has detected that the StreamingConnectionIdleTimeout is set to 0 on {K8sNode.Vm}.
  • Recommended Mitigation

    Set {K8sNode}'s Kubelet's streamingConnectionIdleTimeout to a value greater than 0.