How to enable debug level logging for the kube-auth-api DaemonSet in Rancher v2.3+ provisioned Kubernetes clusters
This document (000020055) is provided subject to the disclaimer at the end of this document.
Situation
Task
The kube-auth-api DaemonSet is deployed to controlplane nodes, in Rancher v2.3+ provisioned Kubernetes clusters, to provide user authentication functionality for the authorized cluster endpoint. When troubleshooting an issue with authorized cluster endpoint authentication, it may be helpful to analyse the kube-auth-api logs at debug level, and this article details how to enable debug logging.
Pre-requisites
- A Rancher v2.3+ instance
- A Rancher provisioned Kubernetes cluster, either a custom cluster or on nodes in an infrastructure provider using a Node Driver
Resolution
-
Navigate to the workloads view of the System project, within the Rancher UI, for the relevant Rancher provisioned cluster.
-
Locate the
kube-api-authDaemonSet, within thecattle-systemnamespace, click the vertial elipses and selectEdit, per the following screenshot:
-
Click
Show advanced optionsin the bottom left. -
Expand the
Commandsection, enter/usr/bin/kube-api-auth --debug servein the Command field, per the following screenshat, and clickSave:
-
The
kube-api-authpod(s) will restart with the new debug logging configuration. Viewing thekube-api-authlogs you should now obeserve log messages withlevel=debug.
Further reading
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020055
- Creation Date: 06-May-2021
- Modified Date:06-May-2021
-
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
Run SAP
SUSE for Public Cloud
Security
