github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-28 15:47:25 +00:00
Code Issues Projects Releases Wiki Activity

rule(Create HostNetwork Pod): add images

Browse Source 
Add a set of images known to run in the host network. Mostly related to
GKE, sometimes plus metrics collection.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
This commit is contained in:
Mark Stemm 2020-08-27 17:58:15 -07:00 committed by poiana
parent de9c8720c0
commit 702d989cd0
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
rules/falco_rules.yaml
View File

@ -1933,7 +1933,16 @@
# These container images are allowed to run with hostnetwork=true
- list: falco_hostnetwork_images
items: []
items: [
gcr.io/google-containers/prometheus-to-sd,
gcr.io/projectcalico-org/typha,
gcr.io/projectcalico-org/node,
gke.gcr.io/gke-metadata-server,
gke.gcr.io/kube-proxy,
gke.gcr.io/netd-amd64,
k8s.gcr.io/ip-masq-agent-amd64
k8s.gcr.io/prometheus-to-sd,
]
# Add conditions to this macro (probably in a separate file,
# overwriting this macro) to specify additional containers that are