If Kubernetes cluster nodes are analyzed by security scanners (antivirus tools), you may need to configure them to avoid false positives.
Deckhouse Kubernetes Platform (DKP) uses the following directories when running (download in CSV):
-
/mnt/kubernetes-data
(master node) — only exists in clusters deployed in the cloud when a separate disk is used for the etcd database. -
/var/lib/etcd
(master node) — etcd database. -
/var/lib/deckhouse/
(master node) — files of Deckhouse modules, which dynamically loads from a registry. -
/var/lib/upmeter
(master node, theupmeter
module) — the upmeter module database. -
/etc/kubernetes
(any node) — manifests of static pods, PKI certificate files. -
/var/lib/bashible
(any node) — node configuration files. -
/var/lib/containerd
(any node) — used to store data related to CRI operation (e.g., containerd); contains container image layers, container file system snapshots, meta information, logs, and other container information. -
/mnt/vector-data
(any node, thelog-shipper
module) — checkpoints of sent logs. -
/var/log/containers
(any node) — logs of containers (when usingcontainerd
). -
/var/lib/kubelet/
(any node) —kubelet
configuration files. -
/opt/cni/bin/
(any node) — CNI plugin executables. -
/opt/deckhouse/bin/
(any node) — executable files required for Deckhouse to work. -
/var/log/pods/
(any node) — logs of all pod containers that are running on this cluster node. -
/etc/cni/
(any node) — CNI plugin configuration files.