From ae6bb09458598f71ae1470915fbfec688adceed4 Mon Sep 17 00:00:00 2001 From: Jon Cope Date: Thu, 16 May 2024 16:36:36 -0500 Subject: [PATCH 1/2] kube-apiserver auditlog values were not given microshift's defaults and thus did not produce behavior described by microshift documentation regarding log retention settings. default values are not specified correctly Signed-off-by: Jon Cope --- pkg/config/config.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkg/config/config.go b/pkg/config/config.go index ff299f909b..58ca92c106 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -98,7 +98,12 @@ func (c *Config) fillDefaults() error { URL: "https://localhost:6443", Port: 6443, } - c.ApiServer.AuditLog.Profile = "Default" + c.ApiServer.AuditLog = AuditLog{ + MaxFileAge: 10, + MaxFiles: 10, + MaxFileSize: 200, + Profile: "Default", + } c.Node = Node{ HostnameOverride: hostname, NodeIP: nodeIP, From d195f44f4f92b25ddf2be6a43bbb0333c14195ed Mon Sep 17 00:00:00 2001 From: Jon Cope Date: Thu, 16 May 2024 16:47:41 -0500 Subject: [PATCH 2/2] align the default values to those specified in the original enhancement proposal and microshift documentation Signed-off-by: Jon Cope --- cmd/generate-config/config/config-openapi-spec.json | 2 +- docs/user/howto_config.md | 2 +- packaging/microshift/config.yaml | 2 +- pkg/config/apiserver.go | 2 +- pkg/config/config.go | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cmd/generate-config/config/config-openapi-spec.json b/cmd/generate-config/config/config-openapi-spec.json index 8f99437e8f..3d8dbf1c0a 100755 --- a/cmd/generate-config/config/config-openapi-spec.json +++ b/cmd/generate-config/config/config-openapi-spec.json @@ -35,7 +35,7 @@ "maxFileAge": { "description": "maxFileAge is the maximum number of days to retain old audit log files", "type": "integer", - "default": 10 + "default": 0 }, "maxFileSize": { "description": "maxFileSize is the maximum size in megabytes of the audit log file before it gets rotated", diff --git a/docs/user/howto_config.md b/docs/user/howto_config.md index 1bfb7996a5..4342677b3b 100644 --- a/docs/user/howto_config.md +++ b/docs/user/howto_config.md @@ -65,7 +65,7 @@ In case `config.yaml` is not provided, the following default settings will be us apiServer: advertiseAddress: "" auditLog: - maxFileAge: 10 + maxFileAge: 0 maxFileSize: 200 maxFiles: 10 profile: Default diff --git a/packaging/microshift/config.yaml b/packaging/microshift/config.yaml index acb1c3fe53..950ac34dba 100644 --- a/packaging/microshift/config.yaml +++ b/packaging/microshift/config.yaml @@ -3,7 +3,7 @@ apiServer: advertiseAddress: "" auditLog: # maxFileAge is the maximum number of days to retain old audit log files - maxFileAge: 10 + maxFileAge: 0 # maxFileSize is the maximum size in megabytes of the audit log file before it gets rotated maxFileSize: 200 # maxFiles is the maximum number of rotated audit log files to retain diff --git a/pkg/config/apiserver.go b/pkg/config/apiserver.go index 5b3b84abf9..31a8349889 100644 --- a/pkg/config/apiserver.go +++ b/pkg/config/apiserver.go @@ -31,7 +31,7 @@ type NamedCertificateEntry struct { type AuditLog struct { // maxFileAge is the maximum number of days to retain old audit log files - // +kubebuilder:default=10 + // +kubebuilder:default=0 MaxFileAge int `json:"maxFileAge"` // maxFiles is the maximum number of rotated audit log files to retain // +kubebuilder:default=10 diff --git a/pkg/config/config.go b/pkg/config/config.go index 58ca92c106..c92c33b512 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -99,7 +99,7 @@ func (c *Config) fillDefaults() error { Port: 6443, } c.ApiServer.AuditLog = AuditLog{ - MaxFileAge: 10, + MaxFileAge: 0, MaxFiles: 10, MaxFileSize: 200, Profile: "Default",