github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-03 07:34:53 +00:00
Code Issues Projects Releases Wiki Activity

docs: reflect the changes to probeloader docker images

Browse Source 
Co-Authored-By: Leonardo Di Donato <leodidonato@gmail.com>
Signed-off-by: Lorenzo Fontana <lo@linux.com>
This commit is contained in:
Lorenzo Fontana
2019-10-11 17:02:00 +02:00
committed by Leo Di Donato
parent 707cdb5184
commit 7dc62b3119
2 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docker/README.md
View File

@@ -26,5 +26,5 @@ The goal of these container images is to reduce the size of the underlying Falco
### Init Containers ### Init Containers
These container images allow for the delivery of the kernel module or eBPF probe either via HTTP or via a container image. These container images allow for the delivery of the kernel module or eBPF probe either via HTTP or via a container image.
- `kernel/linuxkit`: Multistage Dockerfile to build a Falco kernel module for Linuxkit (Docker Desktop). Generates an alpine based container image with the kernel module, and `insmod` as the container `CMD`. - `kernel/linuxkit`: Multistage Dockerfile to build a Falco kernel module for Linuxkit (Docker Desktop). Generates an alpine based container image with the kernel module, and `insmod` as the container `CMD`.
- `kernel/httploader`: Multistage Dockerfile to build a Go based application to download (via HTTPS) and load a Falco kernel module. The resulting container image can be ran as an `initContainer` to load the Falco module before Falco starts. - `kernel/probeloader`: Multistage Dockerfile to build a Go based application to download (via HTTPS) and load a Falco kernel module. The resulting container image can be ran as an `initContainer` to load the Falco module before Falco starts.

13
integrations/k8s-using-daemonset/k8s-with-rbac/falco-daemonset-configmap-slim.yaml
View File

@@ -14,17 +14,16 @@ spec:
spec: spec:
serviceAccount: falco-account serviceAccount: falco-account
initContainers: initContainers:
- name: httploader - name: probeloader
image: falcosecurity/httploader:latest image: falcosecurity/probeloader:latest
command: ['/httploader']
securityContext: securityContext:
privileged: true privileged: true
#env: #env:
# - name: FALCO_VERSION # - name: FALCOCTL_FALCO_VERSION
# value: 0.17.0 # value: 0.17.0
# - name: FALCO_PROBE_URL # - name: FALCOCTL_FALCO_PROBE_URL
# value: # value:
# - name: FALCO_PROBE_REPO # - name: FALCOCTL_FALCO_PROBE_REPO
# value: "https://s3.amazonaws.com/download.draios.com/stable/sysdig-probe-binaries/" # value: "https://s3.amazonaws.com/download.draios.com/stable/sysdig-probe-binaries/"
volumeMounts: volumeMounts:
- mountPath: /host/boot - mountPath: /host/boot
@@ -32,7 +31,7 @@ spec:
readOnly: true readOnly: true
containers: containers:
- name: falco - name: falco
image: falcosecurity/falco-minimal:latest image: falcosecurity/falco:0.17.1-slim
securityContext: securityContext:
privileged: true privileged: true
# Uncomment the 3 lines below to enable eBPF support for Falco. # Uncomment the 3 lines below to enable eBPF support for Falco.