This feature is available in Enterprise Edition only.
The functionality of the module might significantly change. Compatibility with future versions is not guaranteed.

The module is not enabled by default in any bundles.

How to explicitly enable the module…

Set the spec.enabled module parameter to true or false in the ModuleConfig/runtime-audit-engine resource (create it, if necessary) to explicitly enable or disable the module, or use the deckhouse-controller module command in the d8-system/deckhouse pod.

Example of enabling the module:

  • by using the ModuleConfig resource:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: runtime-audit-engine
spec:
  enabled: true

  • by using the deckhouse-controller command (you need a kubectl, configured to work with the cluster):

    kubectl -ti -n d8-system exec deploy/deckhouse -c deckhouse -- deckhouse-controller module enable runtime-audit-engine

Example of disabling the module:

  • by using the ModuleConfig resource:

    apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: runtime-audit-engine
spec:
  enabled: false

  • by using the deckhouse-controller command (you need a kubectl, configured to work with the cluster):

    kubectl -ti -n d8-system exec deploy/deckhouse -c deckhouse -- deckhouse-controller module disable runtime-audit-engine

The module is configured using the ModuleConfig custom resource named runtime-audit-engine (learn more about setting up Deckhouse…).

Example of the ModuleConfig/runtime-audit-engine resource for configuring the module:

apiVersion: deckhouse.io/v1alpha1
kind: ModuleConfig
metadata:
  name: runtime-audit-engine
spec:
  version: 1
  enabled: true
  settings: # <-- Module parameters from the "Parameters" section below.

Parameters

Schema version: 1

  • debugLogging
    boolean

    If true, all events will be duplicated to stdout.

  • resourcesRequests
    object

    Max amounts of CPU and memory resources that the pod can request when selecting a node.

    If the vertical-pod-autoscaler module is disabled, then these values become the default ones.

    Examples:

    resourcesRequests:
  mode: VPA
  vpa:
    mode: Auto
    cpu:
      min: 50m
      max: 2
    memory:
      min: 256Mi
      max: 2Gi

    resourcesRequests:
  mode: VPA
  vpa:
    mode: Initial
    cpu:
      min: 1
      max: 3000m
    memory:
      min: 1024
      max: 4096

    resourcesRequests:
  mode: Static
  static:
    cpu: 55m
    memory: 256Ki
    • resourcesRequests.mode
      string

      Required value

      Resource request management mode:

      • Static is a classic one. In it, you explicitly specify requests. The parameters of this mode are defined in the static parameter section;
      • VPA mode uses VPA. You can configure this mode by modifying parameters in the vpa parameter section.

      Default: "VPA"

      Allowed values: VPA, Static

    • resourcesRequests.static
      object

      Resource request management options for the Static mode.

      • resourcesRequests.static.cpu

        Required value

        Configuring CPU requests.

        Default: 50m

      • resourcesRequests.static.memory

        Required value

        Configuring memory requests.

        Default: 64Mi

    • resourcesRequests.vpa
      object

      Resource request management options for the VPA mode.

      • resourcesRequests.vpa.cpu
        object

        Required value

        CPU-related parameters.

        • resourcesRequests.vpa.cpu.max

          The maximum value that the VPA can set for the CPU requests.

          Default: 4000m

        • resourcesRequests.vpa.cpu.min

          The minimum value that the VPA can set for the CPU requests.

          Default: 50m

      • resourcesRequests.vpa.memory
        object

        Required value

        The amount of memory requested.

        • resourcesRequests.vpa.memory.max

          The maximum memory requests the VPA can set.

          Default: 5Gi

        • resourcesRequests.vpa.memory.min

          The minimum memory requests the VPA can set.

          Default: 64Mi

      • resourcesRequests.vpa.mode
        string

        Required value

        The VPA usage mode.

        Default: "Initial"

        Allowed values: Initial, Auto