Code Review / ta / caas-kubernetes.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Audit log bugfix
[ta/caas-kubernetes.git] / ansible / roles / kube_master / defaults / main.yaml
diff --git a/ansible/roles/kube_master/defaults/main.yaml b/ansible/roles/kube_master/defaults/main.yaml
index 95deb1a..9e22c4d 100644 (file)
--- a/ansible/roles/kube_master/defaults/main.yaml
+++ b/ansible/roles/kube_master/defaults/main.yaml
@@ -30,6 +30,7 @@ apiserver_feature_gates:
   DevicePlugins: true
   HugePages: true
   TokenRequest: true
+  SCTPSupport: true
 
 apiserver_params:
   - "--admission-control={{ apiserver_admission_controllers | join(',') }}"
@@ -39,8 +40,8 @@ apiserver_params:
   - "--apiserver-count={{ groups['caas_master']|length|int }}"
   - "--audit-policy-file={{ caas.caas_policy_directory }}/audit-policy.yaml"
   - "--audit-log-format=json"
-  - "--audit-log-maxbackup=10"
-  - "--audit-log-maxsize=100"
+  - "--audit-log-maxsize={{ caas.audit_log_file_size }}"
+  - "--audit-log-maxbackup={{ ((audit_disc_size.stdout|int*caas.caas_max_audit_size)/caas.audit_log_file_size)|int }}"
   - "--audit-log-path=/var/log/audit/kube_apiserver/kube-apiserver-audit.log"
   - "--authorization-mode=Node,RBAC"
   - "--bind-address={{ apiserver }}"
packages, configures, and integrates the major components of the Kubernetes management plane (https://github.com/kubernetes/kubernetes ). Includes the code related to deploying the API server, scheduler, controller-manager, kube-proxy, and kubelet components.