惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
罗磊的独立博客
T
The Blog of Author Tim Ferriss
人人都是产品经理
人人都是产品经理
博客园 - 叶小钗
Last Week in AI
Last Week in AI
美团技术团队
Google Online Security Blog
Google Online Security Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
D
Docker
G
Google Developers Blog
大猫的无限游戏
大猫的无限游戏
酷 壳 – CoolShell
酷 壳 – CoolShell
小众软件
小众软件
月光博客
月光博客
L
LINUX DO - 最新话题
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
W
WeLiveSecurity
H
Heimdal Security Blog
Vercel News
Vercel News
SecWiki News
SecWiki News
Forbes - Security
Forbes - Security
Blog — PlanetScale
Blog — PlanetScale
Google DeepMind News
Google DeepMind News
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
www.infosecurity-magazine.com
www.infosecurity-magazine.com
TaoSecurity Blog
TaoSecurity Blog
T
Troy Hunt's Blog
A
About on SuperTechFans
C
Check Point Blog
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
AI
AI
WordPress大学
WordPress大学
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Help Net Security
Help Net Security
博客园_首页
The Last Watchdog
The Last Watchdog
S
SegmentFault 最新的问题
Hugging Face - Blog
Hugging Face - Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
Engineering at Meta
Engineering at Meta
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
I
Intezer
K
Kaspersky official blog
M
MIT News - Artificial intelligence
J
Java Code Geeks
G
GRAHAM CLULEY
P
Palo Alto Networks Blog

k8s_event on CoreDNS: DNS and Service Discovery

暂无文章

k8s_event
2022-08-23 · via k8s_event on CoreDNS: DNS and Service Discovery

Description

k8s_event listens for log printings, and reports them as Events to Kubernetes APIServer.

This plugin requires …

  • the kubeapi plugin to create a connection to the Kubernetes API.
  • create/patch/update permission to the Events API.

Enabling this plugin is process-wide: enabling k8s_event in at least one server block enables it globally.

Syntax

k8s_event {
    level LEVELS...
    rate [QPS] [Burst] [CacheSize]
}
  • levels selects what level of logs should be reported as Kubernetes events. LEVELS is a space-separated list of log levels, supported levels are debug, error, fatal, info, and warning. The level of the log will be reflected on the Reason field of event, e.g. it will use CoreDNSWarning as Reason field for a warning log. If no level is specified, it defaults to error and warning.
  • rate is used to control the throttling of events.
    • QPS is the fill rate of the token bucket in queries per second, which is 1/300 by default.
    • Burst is the burst size used by the token bucket rate filtering, which is 25 by default.
    • CacheSize is the lru cache size used for event caching locally, which is 4096 by default.

Deployment

By default, this plugin reports events on behalf of its own CoreDNS Pod, PodName and Namespace are collected through the Downward API.

When deploying CoreDNS in kubernetes, you should include the following environment variables.

env:
  - name: COREDNS_POD_NAME
    valueFrom:
      fieldRef:
        fieldPath: metadata.name
  - name: COREDNS_NAMESPACE
    valueFrom:
      fieldRef:
        fieldPath: metadata.namespace

When these environment variables are missing, this plugin reports events on behalf of the default namespace.

Also, the system:coredns ClusterRole should be appended with following.

- apiGroups:
  - ""
  - events.k8s.io
  resources:
  - events
  verbs:
  - create
  - patch
  - update

Example

Listens for log printings of info, error, and warning levels, and reports them via in-cluster Kubernetes API. The event sending rate is controlled by QPS 0.15 token/sec, Burst 10 tokens, and LRUCacheSize 1024 tokens.

.:53 {
    kubeapi
    k8s_event {
      level info error warning
      rate 0.15 10 1024
    }
}

Outputs

$ kubectl get ev -A -w
NAMESPACE   LAST SEEN   TYPE      REASON           OBJECT              MESSAGE
default     1s          Normal    CoreDNSInfo      namespace/default   plugin/reload: Running configuration SHA512 = <omitted>
default     1s          Warning   CoreDNSError     namespace/default   plugin/errors: 2 <omitted>. A: read udp <omitted>: i/o timeout
default     1s          Warning   CoreDNSError     namespace/default   plugin/reload: Corefile changed but reload failed: <omitted>