Merge "K8S Audit Policy file missing on Standby controller (dsr8 mr3, dsr8 mr2+)"

This commit is contained in:
Zuul 2024-09-12 14:08:09 +00:00 committed by Gerrit Code Review
commit 055956be30

View File

@ -83,11 +83,11 @@ my-audit-policy-file ...}`` parameter. By configuring the parameter
audit-log-maxbackup: '3' audit-log-maxbackup: '3'
audit-log-maxsize: '40' audit-log-maxsize: '40'
audit-log-path: '/var/log/kubernetes/audit/audit.log' audit-log-path: '/var/log/kubernetes/audit/audit.log'
audit-policy-file: '/etc/kubernetes/my-audit-policy-file.yml' audit-policy-file: '/etc/kubernetes/my-audit-policy-file.yaml'
apiserver_extra_volumes: apiserver_extra_volumes:
- name: my-audit-policy-file - name: my-audit-policy-file
mountPath: '/etc/kubernetes/my-audit-policy-file.yml' mountPath: '/etc/kubernetes/my-audit-policy-file.yaml'
hostPath: '/etc/kubernetes/my-audit-policy-file.yml' hostPath: '/etc/kubernetes/my-audit-policy-file.yaml'
pathType: File pathType: File
readOnly: true readOnly: true
content: | content: |
@ -122,7 +122,7 @@ In |prod| |prod-ver|, a custom policy file can only be created at bootstrap
time in ``apiserver_extra_volumes`` section. If a custom policy file was time in ``apiserver_extra_volumes`` section. If a custom policy file was
configured at bootstrap, then after bootstrap the user has the option to configured at bootstrap, then after bootstrap the user has the option to
configure the parameter ``audit-policy-file`` to either this custom policy file configure the parameter ``audit-policy-file`` to either this custom policy file
(``/etc/kubernetes/my-audit-policy-file.yml`` in the example above) or the (``/etc/kubernetes/my-audit-policy-file.yaml`` in the example above) or the
default policy file ``/etc/kubernetes/default-audit-policy.yaml``. If no custom default policy file ``/etc/kubernetes/default-audit-policy.yaml``. If no custom
policy file was configured at bootstrap, then the user can only configure the policy file was configured at bootstrap, then the user can only configure the
parameter ``audit-policy-file`` to the default policy file. parameter ``audit-policy-file`` to the default policy file.