Naadir Jeewa
Naadir Jeewa
We have the same issue in CAPA
Looking into this I think there are two options: * Make the containerd audit rules opt-in for CIS compliance * Default to masking the systemd-journald-audit.socket so audit logs only go...
> 2nd option would be the same as on other operating systems? I checked, and in fact, Fedora / RH do still log to journald, the spamming is caused by...
Spam is on everything except Flatcar by the looks of the Ansible.
/lifecycle frozen
> Sure, but that also means that we may need to do things such as modify kernels based on the targeted cloud provider, install per-provider required drivers, per-provider required agents,...
> which state that installing the linux-aws package is required Hadn't looked at Ubuntu, but [ENA is definitely in the mainline kernel](https://github.com/torvalds/linux/tree/master/drivers/net/ethernet/amazon/ena), so I think Canonical are carving up the...
Suspect it's not using local object reference to grab the secret and ended up in the wrong namespace. Possibly a bug for the vsphere provider.
/assign /lifecycle active
/lifecycle frozen