Merge "K8S Audit Policy file missing on Standby controller (dsr8 mr3, dsr8 mr2+)"
This commit is contained in:
commit
055956be30
@ -83,11 +83,11 @@ my-audit-policy-file ...}`` parameter. By configuring the parameter
|
|||||||
audit-log-maxbackup: '3'
|
audit-log-maxbackup: '3'
|
||||||
audit-log-maxsize: '40'
|
audit-log-maxsize: '40'
|
||||||
audit-log-path: '/var/log/kubernetes/audit/audit.log'
|
audit-log-path: '/var/log/kubernetes/audit/audit.log'
|
||||||
audit-policy-file: '/etc/kubernetes/my-audit-policy-file.yml'
|
audit-policy-file: '/etc/kubernetes/my-audit-policy-file.yaml'
|
||||||
apiserver_extra_volumes:
|
apiserver_extra_volumes:
|
||||||
- name: my-audit-policy-file
|
- name: my-audit-policy-file
|
||||||
mountPath: '/etc/kubernetes/my-audit-policy-file.yml'
|
mountPath: '/etc/kubernetes/my-audit-policy-file.yaml'
|
||||||
hostPath: '/etc/kubernetes/my-audit-policy-file.yml'
|
hostPath: '/etc/kubernetes/my-audit-policy-file.yaml'
|
||||||
pathType: File
|
pathType: File
|
||||||
readOnly: true
|
readOnly: true
|
||||||
content: |
|
content: |
|
||||||
@ -122,7 +122,7 @@ In |prod| |prod-ver|, a custom policy file can only be created at bootstrap
|
|||||||
time in ``apiserver_extra_volumes`` section. If a custom policy file was
|
time in ``apiserver_extra_volumes`` section. If a custom policy file was
|
||||||
configured at bootstrap, then after bootstrap the user has the option to
|
configured at bootstrap, then after bootstrap the user has the option to
|
||||||
configure the parameter ``audit-policy-file`` to either this custom policy file
|
configure the parameter ``audit-policy-file`` to either this custom policy file
|
||||||
(``/etc/kubernetes/my-audit-policy-file.yml`` in the example above) or the
|
(``/etc/kubernetes/my-audit-policy-file.yaml`` in the example above) or the
|
||||||
default policy file ``/etc/kubernetes/default-audit-policy.yaml``. If no custom
|
default policy file ``/etc/kubernetes/default-audit-policy.yaml``. If no custom
|
||||||
policy file was configured at bootstrap, then the user can only configure the
|
policy file was configured at bootstrap, then the user can only configure the
|
||||||
parameter ``audit-policy-file`` to the default policy file.
|
parameter ``audit-policy-file`` to the default policy file.
|
||||||
|
Loading…
Reference in New Issue
Block a user