How to enable debug level logging for the kube-auth-api DaemonSet in Rancher v2.3+ provisioned Kubernetes clusters
This document (000020055) is provided subject to the disclaimer at the end of this document.
kube-auth-api DaemonSet is deployed to controlplane nodes, in Rancher v2.3+ provisioned Kubernetes clusters, to provide user authentication functionality for the authorized cluster endpoint. When troubleshooting an issue with authorized cluster endpoint authentication, it may be helpful to analyse the
kube-auth-api logs at debug level, and this article details how to enable debug logging.
- A Rancher v2.3+ instance
- A Rancher provisioned Kubernetes cluster, either a custom cluster or on nodes in an infrastructure provider using a Node Driver
Navigate to the workloads view of the System project, within the Rancher UI, for the relevant Rancher provisioned cluster.
kube-api-authDaemonSet, within the
cattle-systemnamespace, click the vertial elipses and select
Edit, per the following screenshot:
Show advanced optionsin the bottom left.
/usr/bin/kube-api-auth --debug servein the Command field, per the following screenshat, and click
kube-api-authpod(s) will restart with the new debug logging configuration. Viewing the
kube-api-authlogs you should now obeserve log messages with
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020055
- Creation Date: 06-May-2021
- Modified Date:06-May-2021
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com