How to enable debug level logging for the kube-auth-api DaemonSet in Rancher v2.3+ provisioned Kubernetes clusters
This document (000020055) is provided subject to the disclaimer at the end of this document.
Situation
Task
The kube-auth-api
DaemonSet is deployed to controlplane nodes, in Rancher v2.3+ provisioned Kubernetes clusters, to provide user authentication functionality for the authorized cluster endpoint. When troubleshooting an issue with authorized cluster endpoint authentication, it may be helpful to analyse the kube-auth-api
logs at debug level, and this article details how to enable debug logging.
Pre-requisites
- A Rancher v2.3+ instance
- A Rancher provisioned Kubernetes cluster, either a custom cluster or on nodes in an infrastructure provider using a Node Driver
Resolution
-
Navigate to the workloads view of the System project, within the Rancher UI, for the relevant Rancher provisioned cluster.
-
Locate the
kube-api-auth
DaemonSet, within thecattle-system
namespace, click the vertial elipses and selectEdit
, per the following screenshot: -
Click
Show advanced options
in the bottom left. -
Expand the
Command
section, enter/usr/bin/kube-api-auth --debug serve
in the Command field, per the following screenshat, and clickSave
: -
The
kube-api-auth
pod(s) will restart with the new debug logging configuration. Viewing thekube-api-auth
logs you should now obeserve log messages withlevel=debug
.
Further reading
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000020055
- Creation Date: 06-May-2021
- Modified Date:06-May-2021
-
- SUSE Rancher
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com