kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #25201 from rf232/patch-1 

Small wording update on Log sanitization docs
This commit is contained in:
Kubernetes Prow Robot 2020-11-24 00:41:00 -08:00 committed by GitHub
parent d7a3f5d409 1de3ac5a28
commit 5fc56324c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
content/en/docs/concepts/cluster-administration/system-logs.md
View File

@ -99,17 +99,17 @@ List of components currently supporting JSON format:
Log sanitization might incur significant computation overhead and therefore should not be enabled in production.
{{< /warning >}}
The `--experimental-logging-sanitization` controls if a sanitization filter will be installed in klog.
The `--experimental-logging-sanitization` flag enables the klog sanitization filter.
If enabled all log arguments are inspected for fields tagged as sensitive data (e.g. passwords, keys, tokens) and logging of these fields will be prevented.
List of components currently supporting log sanitization:
* {{< glossary_tooltip term_id="kube-controller-manager" text="kube-controller-manager" >}}
* {{< glossary_tooltip term_id="kube-apiserver" text="kube-apiserver" >}}
* {{< glossary_tooltip term_id="kube-scheduler" text="kube-scheduler" >}}
* {{< glossary_tooltip term_id="kubelet" text="kubelet" >}}
* kube-controller-manager
* kube-apiserver
* kube-scheduler
* kubelet
{{< note >}}
This is not interacting with user workload logs, so it won't prevent users workloads from leaking sensitive data.
The Log sanitization filter does not prevent user workload logs from leaking sensitive data.
{{< /note >}}
### Log verbosity level