Document URL: https://docs.openshift.com/container-platform/3.10/install_config/master_node_configuration.html#master-node-config-audit-config Inside "Advanced Setup for the Audit Log", the auditFilePath is set to /var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5} In 3.10, this path should be inside /var/lib/origin Additional information: Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1589063 Inside "Advanced Setup for the Audit Log", the auditFilePath is set to /var/log/openpaas-oscp-audit/openpaas-oscp-audit.log", openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/lib/origin/openpaas-oscp-audit/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5}
When trying to run with something outside of the new required locations (as the current examples tell you to), you'll get: 1. Hosts: 10.10.92.127 Play: Retrieve existing master configs and validate Task: Check for file paths outside of /etc/origin/master in master's config Message: A string value that appears to be a file path located outside of /etc/origin/master/, /var/lib/origin, /etc/origin/cloudprovider, /etc/origin/kubelet-plugins, /usr/libexec/kubernetes/kubelet-plugins has been found in /etc/origin/master/master-config.yaml. In 3.10 and newer, all files needed by the master must reside inside of those directories or a subdirectory or it will not be readable by the master process. Please migrate all files needed by the master into one of /etc/origin/master/, /var/lib/origin, /etc/origin/cloudprovider, /etc/origin/kubelet-plugins, /usr/libexec/kubernetes/kubelet-plugins or a subdirectory and update your master configs before proceeding. The string found was: /var/log/audit.log *********************** NOTE: the following items do not need to be migrated, they will be migrated for you: oauthConfig.identityProviders
the upstream issue raised here. https://github.com/openshift/openshift-ansible/issues/9746
PR's here: https://github.com/openshift/openshift-docs/pull/12630 Jianlin, will you PTAL?
lgtm, openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/lib/origin/openpaas-oscp-audit.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5} works well in ocp-3.11 installation.
Commits pushed to master at https://github.com/openshift/openshift-docs https://github.com/openshift/openshift-docs/commit/05efddb10f6dd36d86b1f62dbca0d4f0649da26e bug 1622044 correcting audit log path https://github.com/openshift/openshift-docs/commit/ec45405757bec52ad161d1bcde8efbfe507ad431 Merge pull request #12630 from kalexand-rh/BZ1622044 bug 1622044 correcting audit log path
Thank you Gaoyun! I'm merging the PR and will wait for it to go live.
This change is live on docs.openshift, eg: https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-audit-config And on the portal, eg: https://access.redhat.com/documentation/en-us/openshift_container_platform/3.10/html-single/configuring_clusters/index#master-node-config-audit-config
*** Bug 1636266 has been marked as a duplicate of this bug. ***
*** Bug 1565555 has been marked as a duplicate of this bug. ***
Pull request created: https://github.com/openshift/openshift-docs/pull/13477 Gaoyun Pei, please take a look. Thank you, Andrew
PR lgtm, move bug to verified.
Commits pushed to master at https://github.com/openshift/openshift-docs https://github.com/openshift/openshift-docs/commit/d5dddb34e5b6550ae78419a403c4b644f2e5a2ff bug 1622044 corrected auditFilePath examples https://github.com/openshift/openshift-docs/commit/52289913572c077e763901cf222fa809dc7865d3 Merge pull request #13477 from sheriff-rh/bz1622044 bug 1622044 corrected auditFilePath examples
Merged; setting release pending.
Hello, The /var/lib/origin/... changes have been made in 3.10+ : https://docs.openshift.com/container-platform/3.10/install_config/master_node_configuration.html#master-node-config-audit-config https://docs.openshift.com/container-platform/3.10/install_config/master_node_configuration.html#master-node-config-advanced-audit 3.11 docs: https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-audit-config https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-advanced-audit I will close this bug as current release.
auditFileLog changed to /var/lib/origin/audit-ocp.log again, as were originally merged in #14. Changes have been committed and merged to 3.10+: https://github.com/openshift/openshift-docs/pull/14063 https://github.com/openshift/openshift-docs/pull/14064 https://github.com/openshift/openshift-docs/pull/14065 Setting release pending.
I have confirmed the changes are live in 3.10+ https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-audit-config https://docs.openshift.com/container-platform/3.10/install_config/master_node_configuration.html#master-node-config-audit-config https://docs.openshift.com/container-platform/3.9/install_config/master_node_configuration.html#master-node-config-audit-config I will now close this bug as current release.
I have confirmed the changes are live in 3.9+ https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-audit-config https://docs.openshift.com/container-platform/3.10/install_config/master_node_configuration.html#master-node-config-audit-config https://docs.openshift.com/container-platform/3.9/install_config/master_node_configuration.html#master-node-config-audit-config This bug is now closed as current release.