Profile Applicability:
Level 2
Description:
The --eventRecordQPS flag in Kubernetes controls the number of events that the API server records per second. Setting this argument to 0 disables event recording, while setting it to a non-zero value ensures that events are captured at the specified rate. Ensuring that this is appropriately configured ensures that Kubernetes events are captured as needed without overwhelming the system with unnecessary traffic.
Rationale:
Setting the --eventRecordQPS to 0 disables event recording entirely, which might be appropriate for performance reasons in certain environments. However, setting it to a reasonable non-zero value ensures that important events are captured without overloading the system. Proper configuration of event capture is critical for monitoring and troubleshooting.
Impact:
Pros:
Properly configured QPS ensures that important events are captured for debugging, monitoring, and auditing.
Prevents excessive load on the system when event recording is not necessary.
Cons:
If set too high, it could lead to performance issues or excessive log data.
Disabling event recording entirely (setting to 0) may lead to missing important events.
Default Value:
The default value may vary depending on the Kubernetes version and configuration, but setting it to a reasonable value helps balance performance and event capture.
Pre-requisites:
Ensure that the system can handle event recording at the set QPS rate without performance degradation.
Remediation
Test Plan:
Using Azure Console:
Access the Kubernetes cluster configuration settings.
Review the kube-apiserver configuration to check if the --eventRecordQPS flag is set to an appropriate value (either 0 or a reasonable rate).
Using Azure CLI:
Use the following command to check the current configuration of the --eventRecordQPS:
ps aux | grep kube-apiserver
Ensure that the --eventRecordQPS argument is set to 0 or a value that meets event recording requirements.
Implementation Plan:
Using Azure Console:
Access the kube-apiserver configuration.
Set the --eventRecordQPS argument to 0 (to disable event recording) or a reasonable value (e.g., 10 for 10 events per second) based on your environment needs.
Using Azure CLI:
Update the --eventRecordQPS flag by modifying the kube-apiserver configuration:
kubectl -n kube-system edit deployment kube-apiserver
Set the --eventRecordQPS to 0 or an appropriate value like 10.
Backout Plan:
Using Azure Console:
If the change causes performance issues or fails to capture events as required, revert the --eventRecordQPS setting to its original configuration or adjust the value.
Using Azure CLI:
Revert the --eventRecordQPS flag by modifying the configuration:
kubectl -n kube-system edit deployment kube-apiserver
Set the flag back to its default or the desired level of event capture.