mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-12-01 00:15:54 +00:00
4c02f29196
Automatic merge from submit-queue (batch tested with PRs 40297, 41285, 41211, 41243, 39735) cluster/gce: Add env var to enable apiserver basic audit log. For now, this is focused on a fixed set of flags that makes the audit log show up under /var/log/kube-apiserver-audit.log and behave similarly to /var/log/kube-apiserver.log. Allowing other customization would require significantly more complex changes. Audit log rotation is handled the same as for `kube-apiserver.log`. **What this PR does / why we need it**: Add a knob to enable [basic audit logging](https://kubernetes.io/docs/admin/audit/) in GCE. **Which issue this PR fixes**: **Special notes for your reviewer**: We would like to cherrypick/port this to release-1.5 also. **Release note**: ```release-note The kube-apiserver [basic audit log](https://kubernetes.io/docs/admin/audit/) can be enabled in GCE by exporting the environment variable `ENABLE_APISERVER_BASIC_AUDIT=true` before running `cluster/kube-up.sh`. This will log to `/var/log/kube-apiserver-audit.log` and use the same `logrotate` settings as `/var/log/kube-apiserver.log`. ```
Container-VM Image
Container-VM Image is a container-optimized OS image for the Google Cloud Platform (GCP). It is primarily for running Google services on GCP. Unlike the open preview version of container-vm, the new Container-VM Image is based on the open source ChromiumOS project, allowing us greater control over the build management, security compliance, and customizations for GCP.