Kubernetes audit log not generated

[chrissound]

/kind bug

/var/log/kubernetes/audit remains empty even with new pods / deployments generated.

I've setup my own cluster in two vms using kubeadm with the following config:

apiVersion: kubeadm.k8s.io/v1alpha2
api:
  advertiseAddress: 192.168.0.33
  bindPort: 6443
networking:
  podSubnet: "10.244.0.0/16"
auditPolicy:
  logDir: /var/log/kubernetes/audit
  logMaxAge: 2
  path: ""

/var/log/kubernetes/audit exists and has 777 permissions.

kubectl version
Client Version: version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.0", GitCommit:"91e7b4fd31fcd3d5f436da26c980becec37ceefe", GitTreeState:"clean", BuildDate:"2018-06-27T20:17:28Z", GoVersion:"go1.10.2", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?

[neolit123]

@chrissound
thank your for the report!

are you passing --feature-gates=Auditing=true to kubeadm init?
Auditing is an alpha in 1.11.

something else you can do if you want more control, is to pass the --audit-... arguments directly to the api server using this:
https://kubernetes.io/docs/setup/independent/control-plane-flags/#apiserver-flags

also please mind that we are moving away from auditPolicy being a root item in the config.

[chrissound]

Yup I think that was the issue. Thanks, I wish it were only better documented. But oh well...

For a full working example see here: https://stackoverflow.com/a/51639307/1663462