update to handle audit changes

deads2k · deads2k · commit 2dd2187690d0 · 2018-01-09T16:07:15.000-05:00
diff --git a/pkg/cmd/server/kubernetes/master/master_config.go b/pkg/cmd/server/kubernetes/master/master_config.go
@@ -46,6 +46,7 @@ import (
 	utilflag "k8s.io/apiserver/pkg/util/flag"
 	auditlog "k8s.io/apiserver/plugin/pkg/audit/log"
 	auditwebhook "k8s.io/apiserver/plugin/pkg/audit/webhook"
+	pluginwebhook "k8s.io/apiserver/plugin/pkg/audit/webhook"
 	kubeclientgoinformers "k8s.io/client-go/informers"
 	openapicommon "k8s.io/kube-openapi/pkg/common"
 	kapiserveroptions "k8s.io/kubernetes/cmd/kube-apiserver/app/options"
@@ -819,7 +820,7 @@ func GetAuditConfig(auditConfig configapi.AuditConfig) (audit.Backend, auditpoli
 
 		// webhook configuration, only when config file was provided
 		if len(auditConfig.WebHookKubeConfig) > 0 {
-			webhook, err := auditwebhook.NewBackend(auditConfig.WebHookKubeConfig, string(auditConfig.WebHookMode), auditv1beta1.SchemeGroupVersion)
+			webhook, err := auditwebhook.NewBackend(auditConfig.WebHookKubeConfig, string(auditConfig.WebHookMode), auditv1beta1.SchemeGroupVersion, pluginwebhook.NewDefaultBatchBackendConfig())
 			if err != nil {
 				glog.Fatalf("Audit webhook initialization failed: %v", err)
 			}
diff --git a/pkg/cmd/server/kubernetes/master/master_config_test.go b/pkg/cmd/server/kubernetes/master/master_config_test.go
@@ -18,6 +18,7 @@ import (
 	apiserveroptions "k8s.io/apiserver/pkg/server/options"
 	"k8s.io/apiserver/pkg/storage/storagebackend"
 	utilconfig "k8s.io/apiserver/pkg/util/flag"
+	pluginwebhook "k8s.io/apiserver/plugin/pkg/audit/webhook"
 	kubeapiserveroptions "k8s.io/kubernetes/cmd/kube-apiserver/app/options"
 	cmapp "k8s.io/kubernetes/cmd/kube-controller-manager/app/options"
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
@@ -125,12 +126,22 @@ func TestAPIServerDefaults(t *testing.T) {
 			EnableHttps: true,
 			HTTPTimeout: time.Duration(5) * time.Second,
 		},
+		// we currently overwrite this entire stanza, but we should be trying to collapse onto the upstream
+		// flag or config mechanism for kube.
 		Audit: &apiserveroptions.AuditOptions{
 			LogOptions: apiserveroptions.AuditLogOptions{
 				Format: "json",
 			},
 			WebhookOptions: apiserveroptions.AuditWebhookOptions{
 				Mode: "batch",
+				BatchConfig: pluginwebhook.BatchBackendConfig{
+					BufferSize:     10000,
+					MaxBatchSize:   400,
+					MaxBatchWait:   time.Duration(30000000000),
+					ThrottleQPS:    10,
+					ThrottleBurst:  15,
+					InitialBackoff: time.Duration(10000000000),
+				},
 			},
 		},
 		Features: &apiserveroptions.FeatureOptions{
