如何查看 kubernetes 集群的 kubectl 执行历史？

Question

Suppose I have a Kubernetes cluster, devops manages the cluster using kubectl. How can I track the kubectl execution on the cluster to monitor if there is any suspicious activities?

Answer 1

As suggested by @P Use audit logs , as previously mentioned in the comments, to obtain the complete history beginning with the creation of a cluster.

In addition, you might be able to version control all of your cluster's state if you use gitops. You'll be able to track down every change to your cluster with this.

Kubernetes likewise keeps a set of experiences (the length of which can likewise be controlled) for rollouts. The kubectl rollout command lets you see a rollout's state and its history.

It will have an explanation indicating their past arrangement changes. However, only one previous "version" is displayed. You can search for ReplicaSets or run kubectl rollout history to find changes in deployment history.

When creating the deployment, use --record to initiate the replication of the deployment into the ReplicaSet.

$ kubectl create -f deploy.yaml --record=true

The replica set keeps the deployment's previous configuration even when a new version is deployed. Check out the deployment track; even we can automate this. In the kubernetes deployment, this ought to be the default choice, but it is set to false by default.

The following commands can then be used to check the status and history:

$ kubectl rollout status deploy myapp-deployment 
$ kubectl rollout history deploy myapp-deployment