How to enable debug level logging for the kube-auth-api DaemonSet in Rancher v2.3+ provisioned Kubernetes clusters

Follow
Table of Contents

Task

The kube-auth-api DaemonSet is deployed to controlplane nodes, in Rancher v2.3+ provisioned Kubernetes clusters, to provide user authentication functionality for the authorized cluster endpoint. When troubleshooting an issue with authorized cluster endpoint authentication, it may be helpful to analyse the kube-auth-api logs at debug level, and this article details how to enable debug logging.

Pre-requisites

Resolution

  1. Navigate to the workloads view of the System project, within the Rancher UI, for the relevant Rancher provisioned cluster.

  2. Locate the kube-api-auth DaemonSet, within the cattle-system namespace, click the vertial elipses and select Edit, per the following screenshot:

    Edit the kube-api-auth daemonset

  3. Click Show advanced options in the bottom left.

  4. Expand the Command section, enter /usr/bin/kube-api-auth --debug serve in the Command field, per the following screenshat, and click Save:

    Replace the command with --debug option

  5. The kube-api-auth pod(s) will restart with the new debug logging configuration. Viewing the kube-api-auth logs you should now obeserve log messages with level=debug.

Further reading

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.