From this official blog entry (Enable seccomp for all workloads with a new v1.22 alpha feature | Kubernetes), it claims that to enable the seccomp feature gate, two edits need to be made:
1. Enable the feature gate by setting the SeccompDefault=true via the command line (--feature-gates) or the kubelet configuration file. 2. Turn on the feature by enabling the feature by adding the --seccomp-default command line flag or via the kubelet configuration file (seccompDefault: true).
#2 is easy enough to do within the config.yaml file, but I haven’t been able to figure out how to do #1 within that same file as the blog suggests can be done. I could edit other files to add the command line version of the edit, but would prefer to leave all the custom configurations within a single file if possible.
There’s also the ConfigMap:
kubectl -n kube-system edit cm kubelet-config-1.22
if I want to enable a feature gate across the entire cluster, making an edit there seems like the best place? (Instead of editing configuration files across a bunch of nodes?)
kubernetes cluster spun up with kubeadm – currently at 1.22.4