kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add info for kOps 1.22-1.24 on audit logging path changes (#15941) 

* Add info for kOps 1.22-1.25 on audit logging path changes

Just a note with info on path [changes](https://github.com/kubernetes/kops/blob/master/docs/releases/1.22-NOTES.md#control-plane-pods-no-longer-mount-srvkubernetes) in 1.22-1.25 when audit logging is to be enabled.

* Update affected kOps versions

Changed to 1.22-1.24

* Update docs/cluster_spec.md

---------

Co-authored-by: Ciprian Hacman <ciprian@hakman.dev>
This commit is contained in:
michalbolek 2023-09-25 12:56:57 +02:00 committed by GitHub
parent 97c89f49b0
commit 9331362857
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/cluster_spec.md
View File

@ -446,6 +446,8 @@ spec:
**Note**: The auditPolicyFile is needed. If the flag is omitted, no events are logged.
**Note**: For kOps 1.22-1.24 please use `auditPolicyFile: /srv/kubernetes/kube-apiserver/audit/policy-config.yaml` due to [change in mounted paths](https://github.com/kubernetes/kops/blob/master/docs/releases/1.22-NOTES.md#control-plane-pods-no-longer-mount-srvkubernetes).
You could use the [fileAssets](https://github.com/kubernetes/kops/blob/master/docs/cluster_spec.md#fileassets) feature to push an advanced audit policy file on the master nodes.
Example policy file can be found [here](https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/audit/audit-policy.yaml)