k8s v1.19.0
# /etc/kubernetes/pki/audit-policy.yaml
apiVersion: audit.k8s.io/v1beta1
kind: Policy
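rules:
# Rules are evaluated in order and the first match sets the audit level,
# so with identical selectors only the first rule below takes effect.
- level: Request
  resources:
  - group: ""
- level: RequestResponse
  resources:
  - group: ""
- level: Metadata
  resources:
  - group: ""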
Add the following configuration to the kube-apiserver pod
# Startup flags
--audit-policy-file=/etc/kubernetes/audit/audit-policy.yaml
--audit-log-format=json
--audit-log-path=/etc/kubernetes/audit/kube-apiserver-audit.log
--audit-log-maxage=30
--audit-log-maxbackup=3
--audit-log-maxsize=1024
# Container mount
- mountPath: /etc/kubernetes/audit
  name: k8s-audit
# Host mount
- hostPath:
    path: /etc/kubernetes/audit
    type: DirectoryOrCreate
  name: k8s-audit
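--audit-policy-file: the audit policy file
--audit-log-format: the audit log format
--audit-log-path: the audit log path
--audit-log-maxage: maximum number of days to retain audit logs
--audit-log-maxbackup: maximum number of audit log files to retain
--audit-log-maxsize: maximum size in MB of an audit log file before it is rotated
View the kube-apiserver audit log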
tail -f /etc/kubernetes/audit/kube-apiserver-audit.log
Each entry records the time the request was received and the time request handling completed.
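The two timestamps mentioned above are the `requestReceivedTimestamp` and `stageTimestamp` fields of each audit event. As an added example (not part of the original post), the Python below reads JSON audit lines, computes handling time per completed request, and flags slow or denied requests; the sample events are constructed, and the function names and the 500 ms threshold are assumptions.

```python
import json
from datetime import datetime, timedelta

TS_FORMAT = "%Y-%m-%dT%H:%M:%S.%fZ"  # audit timestamps are UTC with microseconds

# Constructed sample lines in the shape written with --audit-log-format=json
SAMPLE_LOG = """\
{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Request","auditID":"a1","stage":"RequestReceived","requestURI":"/api/v1/namespaces/default/pods","verb":"list","user":{"username":"kubernetes-admin"},"requestReceivedTimestamp":"2023-12-29T08:00:00.100000Z","stageTimestamp":"2023-12-29T08:00:00.100000Z"}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Request","auditID":"a1","stage":"ResponseComplete","requestURI":"/api/v1/namespaces/default/pods","verb":"list","user":{"username":"kubernetes-admin"},"responseStatus":{"code":200},"requestReceivedTimestamp":"2023-12-29T08:00:00.100000Z","stageTimestamp":"2023-12-29T08:00:00.112500Z"}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Request","auditID":"a2","stage":"ResponseComplete","requestURI":"/api/v1/namespaces/kube-system/secrets","verb":"list","user":{"username":"system:anonymous"},"responseStatus":{"code":403},"requestReceivedTimestamp":"2023-12-29T08:00:01.000000Z","stageTimestamp":"2023-12-29T08:00:01.002000Z"}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Request","auditID":"a3","stage":"ResponseComplete","requestURI":"/api/v1/configmaps","verb":"list","user":{"username":"kubernetes-admin"},"responseStatus":{"code":200},"requestReceivedTimestamp":"2023-12-29T08:00:02.000000Z","stageTimestamp":"2023-12-29T08:00:02.750000Z"}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Requ
"""


def request_latencies(lines):
    """Return one record per completed request, with handling time in ms."""
    records = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # tailing or rotation can leave a truncated line
        if event.get("stage") != "ResponseComplete":
            continue  # earlier stages carry no completion time
        received = datetime.strptime(event["requestReceivedTimestamp"], TS_FORMAT)
        completed = datetime.strptime(event["stageTimestamp"], TS_FORMAT)
        records.append({
            "auditID": event["auditID"],
            "user": event.get("user", {}).get("username", ""),
            "verb": event.get("verb", ""),
            "uri": event.get("requestURI", ""),
            "code": event.get("responseStatus", {}).get("code"),
            "ms": (completed - received) / timedelta(milliseconds=1),
        })
    return records


def slow_or_denied(records, threshold_ms=500):
    """Keep requests that were slow or rejected with 401/403."""
    return [r for r in records if r["ms"] >= threshold_ms or r["code"] in (401, 403)]


if __name__ == "__main__":
    for rec in slow_or_denied(request_latencies(SAMPLE_LOG.splitlines())):
        print(rec)
```

To run it against a real log, pass `open("/etc/kubernetes/audit/kube-apiserver-audit.log")` to `request_latencies` in place of the sample lines.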
Tags: audit, log, kubernetes, --, enable, apiserver, kube From: https://www.cnblogs.com/WJQ2017/p/17936030.html