Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adjust audit policy to omit high-volume or large responses from expected actors #52998

Merged
merged 2 commits into from
Sep 26, 2017
Merged

Adjust audit policy to omit high-volume or large responses from expected actors #52998

merged 2 commits into from
Sep 26, 2017

Conversation

liggitt
Copy link
Member

@liggitt liggitt commented Sep 25, 2017
edited

Builds on #52960

Possibly related to density test failures #51899 (comment)

@k8s-ci-robot k8s-ci-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Sep 25, 2017
@k8s-github-robot k8s-github-robot added the do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. label Sep 25, 2017
shyamjvs
shyamjvs reviewed Sep 25, 2017
View reviewed changes
cluster/gce/gci/configure-helper.sh Outdated
@@ -577,6 +577,31 @@ rules:
- group: "" # core
resources: ["events"]

# node and pod status calls from nodes are high-volume and can be large, don't log responses for expected updates from nodes
- level: Request
users: ["kubelet"] # legacy kubelet identity
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think NPD is doing this too quite frequently.

@crassirostris
Copy link

/cc @tallclair @destijl

Please review

@liggitt liggitt force-pushed the audit-scale branch 2 times, most recently from 6ba649a to 4090914 Compare September 25, 2017 16:29
@soltysh
Copy link
Contributor

soltysh commented Sep 25, 2017

The policy change lgtm

@shyamjvs shyamjvs mentioned this pull request Sep 25, 2017
Merged
@liggitt liggitt added area/audit area/platform/gce sig/scalability Categorizes an issue or PR as relevant to SIG Scalability. release-note-none Denotes a PR that doesn't merit a release note. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels Sep 25, 2017
@shyamjvs
Copy link
Member

Policy lgtm - will let you know if there's sth else bothering at scale (none that I can see for now). It'd be good if we can get this merged asap.

@crassirostris
Copy link

OK, this seems fine anyway

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 25, 2017
@shyamjvs
Copy link
Member

@liggitt Could you (maybe in a separate PR) move the policy out into a separate file so we can reuse it for kubemark?

@k8s-github-robot k8s-github-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 25, 2017
@liggitt
Copy link
Member Author

liggitt commented Sep 25, 2017

#52560 flake
/retest

@tallclair
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 25, 2017
@liggitt liggitt mentioned this pull request Sep 25, 2017
Closed
@liggitt liggitt added this to the v1.8 milestone Sep 25, 2017
@liggitt
Copy link
Member Author

liggitt commented Sep 25, 2017

/assign @mikedanese @roberthbailey
for gce approval

This was referenced Sep 25, 2017
Merged
Closed
@liggitt liggitt modified the milestones: v1.8, v1.9 Sep 25, 2017
@destijl
Copy link
Member

destijl commented Sep 25, 2017

/lgtm

@roberthbailey
Copy link
Contributor

/approve

@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: crassirostris, destijl, liggitt, roberthbailey, tallclair

Associated issue: 51899

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot k8s-github-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 26, 2017
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@sttts
Copy link
Contributor

sttts commented Sep 26, 2017

/retest

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

3 similar comments
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to @fejta).

Review the full test history for this PR.

@k8s-github-robot
Copy link

Automatic merge from submit-queue (batch tested with PRs 52721, 53057, 52493, 52998, 52896). If you want to cherry-pick this change to another branch, please follow the instructions here.

@k8s-github-robot k8s-github-robot merged commit bafe4fb into kubernetes:master Sep 26, 2017
@liggitt liggitt deleted the audit-scale branch September 29, 2017 15:00
This was referenced Oct 2, 2017
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shyamjvs shyamjvs shyamjvs left review comments

@tallclair tallclair tallclair left review comments

@destijl destijl Awaiting requested review from destijl

Assignees

@soltysh soltysh

@destijl destijl

@crassirostris crassirostris

@mikedanese mikedanese

@shyamjvs shyamjvs

@roberthbailey roberthbailey

@tallclair tallclair

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/audit area/platform/gce cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. sig/scalability Categorizes an issue or PR as relevant to SIG Scalability. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.9
Development

Successfully merging this pull request may close these issues.

None yet