minikube

command
v0.0.1-audit-logs Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 1, 2018 License: Apache-2.0 Imports: 4 Imported by: 0

README 

## Developing an audit-webhook

Advanced Auditing needs a policy file passed to [--audit-policy-file](https://kubernetes.io/docs/reference/generated/kube-apiserver/) to apiserver.
    
Enabling a webhook also requires configuration file via [--audit-webhook-config-file](https://kubernetes.io/docs/reference/generated/kube-apiserver/)

### Configuring minikube apiserver cmd line parameters

[--extra-config=apiserver.*](https://github.com/kubernetes/minikube/blob/master/docs/configuring_kubernetes.md#kubeadm-bootstrapper) allows us to add cmd line args.

Getting our config files inside the apiserver container is a bit trickier.

[--mount-string](https://github.com/kubernetes/minikube/blob/v0.26.0/cmd/minikube/cmd/start.go#L69) allows us to mount host directors into our minikube VM.

However we still need to patch the manifests, to map /tmp/files into our container.

#### Start minikube

```shell
minikube start --v=4  --mount --mount-string=$PWD:/tmp/files \
         --feature-gates=AdvancedAuditing=true \
         --extra-config=apiserver.audit-log-path=/tmp/files/audit.log
```

#### Apply Patch to /etc/kubernetes/kube-apiserver.yaml

```shell
ssh -i $(minikube ssh-key) docker@$(minikube ip) sudo /tmp/files/apiserver-config.patch.sh
```

#### Replacing /etc/kubernetes/kube-apiserver.yaml should restart apiserver

The restarted apiserver container will now log to the folder where minikube was started.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.