4c02f29196
Automatic merge from submit-queue (batch tested with PRs 40297, 41285, 41211, 41243, 39735) cluster/gce: Add env var to enable apiserver basic audit log. For now, this is focused on a fixed set of flags that makes the audit log show up under /var/log/kube-apiserver-audit.log and behave similarly to /var/log/kube-apiserver.log. Allowing other customization would require significantly more complex changes. Audit log rotation is handled the same as for `kube-apiserver.log`. **What this PR does / why we need it**: Add a knob to enable [basic audit logging](https://kubernetes.io/docs/admin/audit/) in GCE. **Which issue this PR fixes**: **Special notes for your reviewer**: We would like to cherrypick/port this to release-1.5 also. **Release note**: ```release-note The kube-apiserver [basic audit log](https://kubernetes.io/docs/admin/audit/) can be enabled in GCE by exporting the environment variable `ENABLE_APISERVER_BASIC_AUDIT=true` before running `cluster/kube-up.sh`. This will log to `/var/log/kube-apiserver-audit.log` and use the same `logrotate` settings as `/var/log/kube-apiserver.log`. ```
SaltStack configuration
This is the root of the SaltStack configuration for Kubernetes. A high level overview for the Kubernetes SaltStack configuration can be found in the docs tree.
This SaltStack configuration currently applies to default
configurations for Debian-on-GCE, Fedora-on-Vagrant, Ubuntu-on-AWS and
Ubuntu-on-Azure. (That doesn't mean it can't be made to apply to an
arbitrary configuration, but those are only the in-tree OS/IaaS
combinations supported today.) As you peruse the configuration, these
are shorthanded as gce, vagrant, aws, azure-legacy in grains.cloud;
the documentation in this tree uses this same shorthand for convenience.
See more: