Code Review / ta / caas-kubernetes.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Audit log bugfix
[ta/caas-kubernetes.git] / ansible / roles / kube_master / tasks / main.yml
diff --git a/ansible/roles/kube_master/tasks/main.yml b/ansible/roles/kube_master/tasks/main.yml
index 49f7499..ae231e9 100644 (file)
--- a/ansible/roles/kube_master/tasks/main.yml
+++ b/ansible/roles/kube_master/tasks/main.yml
@@ -64,6 +64,7 @@
     owner: "{{ caas.uid.kube }}"
     group: "{{ caas.uid.kube }}"
     state: directory
+    mode: 0700
   become_user: "root"
 
 - name: create directory for audit policy
@@ -91,6 +92,10 @@
     - "{{ caas.uid.kube }}"
     - "{{ users.admin_user_name }}"
   become_user: "root"
+- name: Ask the audit log disc size
+  shell: df -BM --output=size,target | grep audit | awk '{print $1}' | tr -d 'M'
+  register: audit_disc_size
 
 - name: template apiserver
   vars:
packages, configures, and integrates the major components of the Kubernetes management plane (https://github.com/kubernetes/kubernetes ). Includes the code related to deploying the API server, scheduler, controller-manager, kube-proxy, and kubelet components.