kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Small wording update on Log sanitization docs 

Follow up to PR #24845, following the remarks kbhawkey had
This commit is contained in:
Rob Franken 2020-11-24 09:10:12 +01:00 committed by GitHub
parent d7a3f5d409
commit 1de3ac5a28
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
content/en/docs/concepts/cluster-administration/system-logs.md
View File

@ -99,17 +99,17 @@ List of components currently supporting JSON format:
Log sanitization might incur significant computation overhead and therefore should not be enabled in production.
{{< /warning >}}
The `--experimental-logging-sanitization` controls if a sanitization filter will be installed in klog.
The `--experimental-logging-sanitization` flag enables the klog sanitization filter.
If enabled all log arguments are inspected for fields tagged as sensitive data (e.g. passwords, keys, tokens) and logging of these fields will be prevented.
List of components currently supporting log sanitization:
* {{< glossary_tooltip term_id="kube-controller-manager" text="kube-controller-manager" >}}
* {{< glossary_tooltip term_id="kube-apiserver" text="kube-apiserver" >}}
* {{< glossary_tooltip term_id="kube-scheduler" text="kube-scheduler" >}}
* {{< glossary_tooltip term_id="kubelet" text="kubelet" >}}
* kube-controller-manager
* kube-apiserver
* kube-scheduler
* kubelet
{{< note >}}
This is not interacting with user workload logs, so it won't prevent users workloads from leaking sensitive data.
The Log sanitization filter does not prevent user workload logs from leaking sensitive data.
{{< /note >}}
### Log verbosity level