Add falco service k8s (#496)

* Add falco service to k8s install/update labels Update the instructions for K8s RBAC installation to also create a service that maps to port 8765 of the falco pod. This allows other services to access the embedded webserver within falco. Also clean up the set of labels to use a consistent app: falco-example, role:security for each object. * Cange K8s Audit Example to use falco daemonset Change the K8s Audit Example instructions to use minikube in conjunction with a falco daemonset running inside of minikube. (We're going to start prebuilding kernel modules for recent minikube variants to make this possible). When running inside of minikube in conjunction with a service, you have to go through some additional steps to find the ClusterIP associated with the falco service and use that ip when configuring the k8s audit webhook. Overall it's still a more self-contained set of instructions, though.
2025-10-21 19:44:57 +00:00 · 2019-01-16 18:12:02 -08:00
parent 6863675b76
commit 889fcc8b50
6 changed files with 59 additions and 14 deletions
--- a/integrations/k8s-using-daemonset/k8s-with-rbac/falco-account.yaml
+++ b/integrations/k8s-using-daemonset/k8s-with-rbac/falco-account.yaml
@@ -2,11 +2,17 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: falco-account
+  labels:
+    app: falco-example
+    role: security
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
  name: falco-cluster-role
+  labels:
+    app: falco-example
+    role: security
 rules:
  - apiGroups: ["extensions",""]
    resources: ["nodes","namespaces","pods","replicationcontrollers","services","events","configmaps"]
@@ -19,6 +25,9 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
  name: falco-cluster-role-binding
  namespace: default
+  labels:
+    app: falco-example
+    role: security
 subjects:
  - kind: ServiceAccount
    name: falco-account
--- a/integrations/k8s-using-daemonset/k8s-with-rbac/falco-daemonset-configmap.yaml
+++ b/integrations/k8s-using-daemonset/k8s-with-rbac/falco-daemonset-configmap.yaml
@@ -1,16 +1,15 @@
 apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
-  name: falco
+  name: falco-daemonset
  labels:
-    name: falco-daemonset
-    app: demo
+    app: falco-example
+    role: security
 spec:
  template:
    metadata:
      labels:
-        name: falco
-        app: demo
+        app: falco-example
        role: security
    spec:
      serviceAccount: falco-account
--- a/integrations/k8s-using-daemonset/k8s-with-rbac/falco-service.yaml
+++ b/integrations/k8s-using-daemonset/k8s-with-rbac/falco-service.yaml
@@ -0,0 +1,13 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: falco-service
+  labels:
+    app: falco-example
+    role: security
+spec:
+  selector:
+    app: falco-example
+  ports:
+  - protocol: TCP
+    port: 8765