From c29b21717dbafb365096688f6dfdda169e278b60 Mon Sep 17 00:00:00 2001 From: Samuel Liu Date: Wed, 24 Jun 2020 23:15:17 +0800 Subject: [PATCH] Add event-ttl duration (#6310) * Add event-ttl duration * Fix wrong location --- inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml | 3 +++ roles/kubernetes/master/defaults/main/main.yml | 3 +++ .../kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 | 3 +++ 3 files changed, 9 insertions(+) diff --git a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml index 3a7ce4879..b0eefafe9 100644 --- a/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml +++ b/inventory/sample/group_vars/k8s-cluster/k8s-cluster.yml @@ -309,3 +309,6 @@ persistent_volumes_enabled: false # - TLS_RSA_WITH_AES_256_CBC_SHA # - TLS_RSA_WITH_AES_256_GCM_SHA384 # - TLS_RSA_WITH_RC4_128_SHA + +## Amount of time to retain events. (default 1h0m0s) +event_ttl_duration: "1h0m0s" diff --git a/roles/kubernetes/master/defaults/main/main.yml b/roles/kubernetes/master/defaults/main/main.yml index ab53de54c..bf9d1aade 100644 --- a/roles/kubernetes/master/defaults/main/main.yml +++ b/roles/kubernetes/master/defaults/main/main.yml @@ -194,3 +194,6 @@ secrets_encryption_query: "resources[*].providers[0].{{kube_encryption_algorithm # - TLS_RSA_WITH_AES_256_CBC_SHA # - TLS_RSA_WITH_AES_256_GCM_SHA384 # - TLS_RSA_WITH_RC4_128_SHA + +## Amount of time to retain events. (default 1h0m0s) +event_ttl_duration: "1h0m0s" diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 index 1d8f9e26c..19619d763 100644 --- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 +++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2 @@ -186,6 +186,9 @@ apiServer: tls-cipher-suites: {% for tls in tls_cipher_suites %}{{ tls }}{{ "," if not loop.last else "" }}{% endfor %} {% endif %} +{% if event_ttl_duration is defined %} + event-ttl: {{ event_ttl_duration }} +{%endif%} {% if kubernetes_audit or kube_basic_auth|default(true) or kube_token_auth|default(true) or kube_webhook_token_auth|default(false) or ( cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] ) or apiserver_extra_volumes or ssl_ca_dirs|length %} extraVolumes: {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere", "aws"] %}