Skip to content
Snippets Groups Projects
Unverified Commit 4e009544 authored by Liz Rice's avatar Liz Rice Committed by GitHub
Browse files

docs: add Troubleshooting (#638) 

* docs: add Troubleshooting

Adding basic instructions for running with debug logs

* docs: remember --logtostderr

* docs: note about cfg requirement

Note that installing a binary release is not sufficient - you also need the config and test files
Fixes #613
parent 20ec5d14
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 8 additions and 1 deletion
README.md
+ 8
1
View file @ 4e009544
...@@ -38,6 +38,7 @@ Table of Contents ...@@ -38,6 +38,7 @@ Table of Contents
* [Running on OpenShift](#running-on-openshift) * [Running on OpenShift](#running-on-openshift)
* [Output](#output) * [Output](#output)
* [Configuration](#configuration) * [Configuration](#configuration)
* [Troubleshooting](#troubleshooting)
* [Test config YAML representation](#test-config-yaml-representation) * [Test config YAML representation](#test-config-yaml-representation)
* [Omitting checks](#omitting-checks) * [Omitting checks](#omitting-checks)
* [Roadmap](#roadmap) * [Roadmap](#roadmap)
...@@ -68,7 +69,7 @@ By default, kube-bench will determine the test set to run based on the Kubernete ...@@ -68,7 +69,7 @@ By default, kube-bench will determine the test set to run based on the Kubernete
You can choose to You can choose to
* run kube-bench from inside a container (sharing PID namespace with the host) * run kube-bench from inside a container (sharing PID namespace with the host)
* run a container that installs kube-bench on the host, and then run kube-bench directly on the host * run a container that installs kube-bench on the host, and then run kube-bench directly on the host
* install the latest binaries from the [Releases page](https://github.com/aquasecurity/kube-bench/releases), * install the latest binaries from the [Releases page](https://github.com/aquasecurity/kube-bench/releases), though please note that you also need to download the config and test files from the `cfg` directory
* compile it from source. * compile it from source.
## Running kube-bench ## Running kube-bench
...@@ -301,6 +302,12 @@ Any settings in the version-specific config file `cfg/<version>/config.yaml` tak ...@@ -301,6 +302,12 @@ Any settings in the version-specific config file `cfg/<version>/config.yaml` tak
You can read more about `kube-bench` configuration in our [documentation](docs/README.md#configuration-and-variables). You can read more about `kube-bench` configuration in our [documentation](docs/README.md#configuration-and-variables).
## Troubleshooting
Running `kube-bench` with the `-v 3 --logtostderr` parameters will generate debug logs that can be very helpful for debugging problems.
If you are using one of the example `job*.yaml` files, you will need to edit the `command` field, for example `["kube-bench", "-v", "3", "--logtostderr"]`. Once the job has run, the logs can be retrieved using `kubectl logs` on the job's pod.
## Test config YAML representation ## Test config YAML representation
The tests (or "controls") are represented as YAML documents (installed by default into `./cfg`). There are different versions of these test YAML files reflecting different versions of the CIS Kubernetes Benchmark. You will find more information about the test file YAML definitions in our [documentation](docs/README.md). The tests (or "controls") are represented as YAML documents (installed by default into `./cfg`). There are different versions of these test YAML files reflecting different versions of the CIS Kubernetes Benchmark. You will find more information about the test file YAML definitions in our [documentation](docs/README.md).
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment