-
Notifications
You must be signed in to change notification settings - Fork 0
How to remove Audit Logs from Tenant in k8s
Cesar Celis Hernandez edited this page Nov 4, 2022
·
4 revisions
- Assuming you have a tenant with
Audit Logs
enabled:
- From the tenant specification, remove the
log
part under.spec.log
:
log:
audit:
diskCapacityGB: 5
db:
resources: {}
securityContext:
fsGroup: 999
fsGroupChangePolicy: Always
runAsGroup: 999
runAsNonRoot: true
runAsUser: 999
volumeClaimTemplate:
metadata:
creationTimestamp: null
name: mondec1-log
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "5368709120"
status: {}
resources: {}
securityContext:
fsGroup: 1000
fsGroupChangePolicy: Always
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
- Save the change and wait for couple of minutes:
- Notice the audit log will be disabled, or you can just disable from the UI as well, up to you:
- After some time pods will be gone:
- Ok if all above isn't working, let's show in the meantime how to manually remove logs when they are sticky
- Assuming you have a sticky configuration where logs can't be removed for one reason or the other....
- Same as before entirely remove the
log
from thetenant
:
Cesars-MacBook-Pro:~ cniackz$ k get tenants -n juju123
NAME STATE AGE
juju123 Initialized 3m54s
Cesars-MacBook-Pro:~ cniackz$ k edit tenants juju123 -n juju123
remove the log part only:
- Update your operator if possible and restart operator pod:
Below example on how to terminate via Lens, same can be done via kubectl command
Here via kubectl:
$ k delete pods minio-operator-5c597dc59d-kj958 minio-operator-5c597dc59d-twgls -n minio-operator
pod "minio-operator-5c597dc59d-kj958" deleted
pod "minio-operator-5c597dc59d-twgls" deleted
NOTE: They are going to be recreated, so no worries, you can safely delete this operator pods.
- Remove the deployment and the statefulsets of the logs:
$ kubectl delete Deployments juju123-log-search-api -n juju123
deployment.apps "juju123-log-search-api" deleted
$ kubectl delete Statefulsets juju123-log -n juju123
statefulset.apps "juju123-log" deleted
- restart operator again:
$ k delete pods minio-operator-5c597dc59d-ww5pb minio-operator-5c597dc59d-h6pdt -n minio-operator
- logs has to be gone:
Deleted message will show when operator is doing it (look at operator logs):
h:""}): type: 'Warning' reason: 'Deleted' Log search headless service deleted
I1104 15:56:15.271356 1 event.go:285] Event(v1.ObjectReference{Kind:"Tenant", Namespace:"juju123", Name:"juju123", UID:"abbdb75b-c107-460a-9178-af283420f22b", APIVersion:"minio.min.io/v2", ResourceVersion:"5122", FieldPath:""}): type: 'Warning' reason: 'Deleted' Log search statefulset deleted
I1104 15:56:15.276827 1 event.go:285] Event(v1.ObjectReference{Kind:"Tenant", Namespace:"juju123", Name:"juju123", UID:"abbdb75b-c107-460a-9178-af283420f22b", APIVersion:"minio.min.io/v2", ResourceVersion:"5122", FieldPath:""}): type: 'Warning' reason: 'Deleted' Log search deployment deleted
I1104 15:56:15.413622 1 event.go:285] Event(v1.ObjectReference{Kind:"Tenant", Namespace:"juju123", Name:"juju123", UID:"abbdb75b-c107-460a-9178-af283420f22b", APIVersion:"minio.min.io/v2", ResourceVersion:"5122", FieldPath:""}): type: 'Warning' reason: 'Deleted' Log search service deleted
And you should no longer see them (just minio pod will be observed):
$ kubectl get pods -n juju123
NAME READY STATUS RESTARTS AGE
juju123-pool-0-0 1/1 Running 0 2m54s