kube-auth-api DaemonSet is deployed to controlplane nodes, in Rancher v2.3+ provisioned Kubernetes clusters, to provide user authentication functionality for the authorized cluster endpoint. When troubleshooting an issue with authorized cluster endpoint authentication, it may be helpful to analyse the
kube-auth-api logs at debug level, and this article details how to enable debug logging.
- A Rancher v2.3+ instance
- A Rancher provisioned Kubernetes cluster, either a custom cluster or on nodes in an infrastructure provider using a Node Driver
Navigate to the workloads view of the System project, within the Rancher UI, for the relevant Rancher provisioned cluster.
kube-api-authDaemonSet, within the
cattle-systemnamespace, click the vertial elipses and select
Edit, per the following screenshot:
Show advanced optionsin the bottom left.
/usr/bin/kube-api-auth --debug servein the Command field, per the following screenshat, and click
kube-api-authpod(s) will restart with the new debug logging configuration. Viewing the
kube-api-authlogs you should now obeserve log messages with