mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
29 lines
1 KiB
YAML
29 lines
1 KiB
YAML
kind: Cluster
|
|
apiVersion: kind.x-k8s.io/v1alpha4
|
|
nodes:
|
|
- role: control-plane
|
|
kubeadmConfigPatches:
|
|
- |
|
|
kind: ClusterConfiguration
|
|
apiServer:
|
|
# enable auditing flags on the API server
|
|
extraArgs:
|
|
audit-log-path: /var/log/kubernetes/kube-apiserver-audit.log
|
|
audit-policy-file: /etc/kubernetes/policies/audit-policy.yaml
|
|
# mount new files / directories on the control plane
|
|
extraVolumes:
|
|
- name: audit-policies
|
|
hostPath: /etc/kubernetes/policies
|
|
mountPath: /etc/kubernetes/policies
|
|
readOnly: true
|
|
pathType: "DirectoryOrCreate"
|
|
- name: "audit-logs"
|
|
hostPath: "/var/log/kubernetes"
|
|
mountPath: "/var/log/kubernetes"
|
|
readOnly: false
|
|
pathType: DirectoryOrCreate
|
|
# mount the local file on the control plane
|
|
extraMounts:
|
|
- hostPath: ./scripts/config/kind/audit-policy.yaml
|
|
containerPath: /etc/kubernetes/policies/audit-policy.yaml
|
|
readOnly: true
|