Add documentation for audit webhook variables (#7434)

* Add documentation for audit webhook variables

* Enclose the value of  audit_webhook_server_url in a codeblock

* Add default value for audit_webhook_batch_max_wait
This commit is contained in:
Necatican Yıldırım 2021-04-05 23:51:19 +03:00 committed by GitHub
parent 6479e26904
commit be278f9dba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -164,6 +164,14 @@ node_taints:
* `audit_policy_file`: "{{ kube_config_dir }}/audit-policy/apiserver-audit-policy.yaml" * `audit_policy_file`: "{{ kube_config_dir }}/audit-policy/apiserver-audit-policy.yaml"
By default, the `audit_policy_file` contains [default rules](https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubernetes/control-plane/templates/apiserver-audit-policy.yaml.j2) that can be overridden with the `audit_policy_custom_rules` variable. By default, the `audit_policy_file` contains [default rules](https://github.com/kubernetes-sigs/kubespray/blob/master/roles/kubernetes/control-plane/templates/apiserver-audit-policy.yaml.j2) that can be overridden with the `audit_policy_custom_rules` variable.
* *kubernetes_audit_webhook* - When set to `true`, enables the webhook audit backend.
The webhook parameters can be tuned via the following variables (which default values are shown below):
* `audit_webhook_config_file`: "{{ kube_config_dir }}/audit-policy/apiserver-audit-webhook-config.yaml"
* `audit_webhook_server_url`: `"https://audit.app"`
* `audit_webhook_server_extra_args`: {}
* `audit_webhook_mode`: batch
* `audit_webhook_batch_max_size`: 100
* `audit_webhook_batch_max_wait`: 1s
### Custom flags for Kube Components ### Custom flags for Kube Components