rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-09-17 23:49:06 +00:00
Code Issues Releases Wiki Activity

auditlog and eventratelimit changes

Browse Source
This commit is contained in:
Murali Paluru
2019-10-30 13:04:16 -07:00
committed by Alena Prokharchyk
parent 995fa72fe2
commit bf8688e709
4 changed files with 334 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cluster/plan.go
View File

@@ -263,12 +263,26 @@ func (c *Cluster) BuildKubeAPIProcess(host *hosts.Host, prefixPath string, svcOp
CommandArgs[admissionControlOptionName] = CommandArgs[admissionControlOptionName] + ",AlwaysPullImages"
}
if c.Services.KubeAPI.AuditLog != nil {
if alc := c.Services.KubeAPI.AuditLog.Configuration; alc != nil {
CommandArgs[KubeAPIArgAuditLogPath] = alc.Path
CommandArgs[KubeAPIArgAuditLogMaxAge] = strconv.Itoa(alc.MaxAge)
CommandArgs[KubeAPIArgAuditLogMaxBackup] = strconv.Itoa(alc.MaxBackup)
CommandArgs[KubeAPIArgAuditLogMaxSize] = strconv.Itoa(alc.MaxSize)
CommandArgs[KubeAPIArgAuditLogFormat] = alc.Format
CommandArgs[KubeAPIArgAuditPolicyFile] = DefaultKubeAPIArgAuditPolicyFileValue
}
}
VolumesFrom := []string{
services.SidekickContainerName,
}
Binds := []string{
fmt.Sprintf("%s:/etc/kubernetes:z", path.Join(prefixPath, "/etc/kubernetes")),
}
if c.Services.KubeAPI.AuditLog != nil && c.Services.KubeAPI.AuditLog.Enabled {
Binds = append(Binds, fmt.Sprintf("%s:/var/log/kube-audit:z", path.Join(prefixPath, "/var/log/kube-audit")))
}
// Override args if they exist, add additional args
for arg, value := range c.Services.KubeAPI.ExtraArgs {