From 56b52b11c640c079e1de3b7d366f5b5e669472f0 Mon Sep 17 00:00:00 2001 From: Ngairangbam Mili Date: Wed, 11 Sep 2024 03:21:59 +0000 Subject: [PATCH] K8S Audit Policy file missing on Standby controller (dsr8 mr3, dsr8 mr2+) Change-Id: I8891e01618225e75b229716c89d8c1998686bbc5 Signed-off-by: Ngairangbam Mili --- .../kubernetes-operator-command-logging-663fce5d74e7.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/source/security/kubernetes/kubernetes-operator-command-logging-663fce5d74e7.rst b/doc/source/security/kubernetes/kubernetes-operator-command-logging-663fce5d74e7.rst index 769962511..8d1b31c74 100644 --- a/doc/source/security/kubernetes/kubernetes-operator-command-logging-663fce5d74e7.rst +++ b/doc/source/security/kubernetes/kubernetes-operator-command-logging-663fce5d74e7.rst @@ -83,11 +83,11 @@ my-audit-policy-file ...}`` parameter. By configuring the parameter audit-log-maxbackup: '3' audit-log-maxsize: '40' audit-log-path: '/var/log/kubernetes/audit/audit.log' - audit-policy-file: '/etc/kubernetes/my-audit-policy-file.yml' + audit-policy-file: '/etc/kubernetes/my-audit-policy-file.yaml' apiserver_extra_volumes: - name: my-audit-policy-file - mountPath: '/etc/kubernetes/my-audit-policy-file.yml' - hostPath: '/etc/kubernetes/my-audit-policy-file.yml' + mountPath: '/etc/kubernetes/my-audit-policy-file.yaml' + hostPath: '/etc/kubernetes/my-audit-policy-file.yaml' pathType: File readOnly: true content: | @@ -122,7 +122,7 @@ In |prod| |prod-ver|, a custom policy file can only be created at bootstrap time in ``apiserver_extra_volumes`` section. If a custom policy file was configured at bootstrap, then after bootstrap the user has the option to configure the parameter ``audit-policy-file`` to either this custom policy file -(``/etc/kubernetes/my-audit-policy-file.yml`` in the example above) or the +(``/etc/kubernetes/my-audit-policy-file.yaml`` in the example above) or the default policy file ``/etc/kubernetes/default-audit-policy.yaml``. If no custom policy file was configured at bootstrap, then the user can only configure the parameter ``audit-policy-file`` to the default policy file.