kube-oidc-proxy
kube-oidc-proxy copied to clipboard
jetstack
kubectl hangs on some commands when audit logs are enabled
Hey,
I just noticed a thing this morning: When I try to delete something it hangs indefinitely. I have cancel the command :/ Actually for the moment I noticed that only for pods and namespaces, it works for deployments. Maybe they have different finalilzers.
I've seen this issue https://github.com/jetstack/kube-oidc-proxy/issues/135 and I checked that I'm using the latest version and this is the case.
I even tried to put a negative value --flush-interval=-1s but that didn't help.
Is this a known behavior ? Because I also noticed this limitation : https://github.com/jetstack/kube-oidc-proxy/issues/191
Thank you,
Well I tested several values and nothing worked so far. Here are the info about the environment:
kubectl: tested with 1.17.17 and 1.20.4
kubernetes: 1.17.17
image: quay.io/jetstack/kube-oidc-proxy:v0.3.0
kube-oidc-proxy flags:
- --secure-port=4443
- --tls-cert-file=/etc/oidc/tls/crt.pem
- --tls-private-key-file=/etc/oidc/tls/key.pem
- --oidc-client-id=$(OIDC_CLIENT_ID)
- --oidc-issuer-url=$(OIDC_ISSUER_URL)
- --oidc-username-claim=$(OIDC_USERNAME_CLAIM)
- --oidc-groups-claim=$(OIDC_GROUPS_CLAIM)
- --oidc-signing-algs=$(OIDC_SIGNING_ALGS)
- --token-passthrough
- --audit-log-path=-
- --audit-policy-file=/etc/oidc/audit/audit-policy.yaml
- --flush-interval=1s
Let me know if you need further details
Still digging because I face the issue when I enable the audit logs.
- --audit-log-path=-
- --audit-policy-file=/etc/oidc/audit/audit-policy.yaml
ok seems that this occurs only when enabling the audit logs. I have to disable the audit logs while trying to find out what is the root cause.