Kubernetes change kubelet config at all cluster

I need add argument --authentication-token-webhook in Kubelet. I can change file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf at all nodes step by step with my hands. But it is not funny )). How can I change Kubelet arguments from single point?

Solution

You can either

configure your Kubernetes workers via tools like Puppet or Ansible. Write your service drop-in once and deploy it via the tool to all nodes. Make sure you don't restart all kubelets at once (keyword serial for Ansible). Also, don't change 10-kubeadm.conf, drop in another file like 20-kubeadm-extra-args.conf and set the environment variable KUBELET_EXTRA_ARGS.
or use a Kubernetes feature called DynamicKubeletConfig. Beware that this is an alpha feature (as of Kubernetes 1.10) and has to be enabled by hand. I wouldn't recommend this method (yet, as long as it's an alpha feature), but it might become a feasible option in the future.

Envoy Gateway with OIDC and direct bearer token
AKS CrashLoopBackOff for an image working without problem in docker host: logs: error: container containerd://x is not valid for pod flask-app
Helm Convert chart labels multiline string to comma-separated string
What is the relation between "container_memory_working_set_bytes" metric and OOM-killer on the container?
Running the Postgres CLI client from a Kubernetes jumpbox
How to set up RabbitMQ default queue type to quorum queue on bootstrap?
How to pass helm values dynamically
Windows & Linux living together in Kubernetes cluster
NextJS symlinks not updating and crashing the application in Kubernetes deployment
How to parse json format output of : kubectl get pods using jsonpath
I occasionally get such an error "the object has been modified" when I update node or deploy with client-go
Restart Pod when secrets gets updated
kubectl unable to connect to server: x509: certificate signed by unknown authority
kustomization Error: json: cannot unmarshal number into Go struct field Image.images.newTag of type string
Scale deployment with python client in Kubernetes
ValidationError(Ingress.spec.rules[0].http): missing required field "paths"
Execute bash command in pod with kubectl?
Why is my K8s network policy denying access when it should by matching the label
What is the difference between always and on failure for Kubernetes restart policy?
ArgoCd does not trigger on GitOps repo update?
Should I do liveness probe and readiness probe every second?
How to list kubernetes services in k9s?
Connecting K8s and Nomad using a single Consul Server (DC1). Is this even possible or what is the next best way to do so?
What does "eksctl create iamserviceaccount" do under the hood on an EKS cluster?
Helm chart. I cannot send a command to the container via --set
is it possible to shrink the spaces of io.containerd.snapshotter.v1.overlayfs folder in kubernetes
Cannot connect to Kubernetes NodePort Service
How add JAVA_OPTS variable to wildfly by kubernetes yaml file?
Is there a way to enable shareProcessNamespace for helm post-install hook?
Helm Template Indention Error Using Dict Split and Range