Add /etc mount for falco container (#475)

This commit is contained in:
Michael Ducy 2019-01-23 21:13:05 -06:00 committed by Mark Stemm
parent b8a25c6e71
commit ec07f7c240

View File

@ -18,6 +18,13 @@ spec:
image: falcosecurity/falco:latest
securityContext:
privileged: true
# Uncomment the 3 lines below to enable eBPF support for Falco.
# This allows Falco to run on Google COS.
# Leave blank for the default probe location, or set to the path
# of a precompiled probe.
# env:
# - name: SYSDIG_BPF_PROBE
# value: ""
args: [ "/usr/bin/falco", "-K", "/var/run/secrets/kubernetes.io/serviceaccount/token", "-k", "https://kubernetes.default", "-pk"]
volumeMounts:
- mountPath: /host/var/run/docker.sock
@ -36,6 +43,9 @@ spec:
- mountPath: /host/usr
name: usr-fs
readOnly: true
- mountPath: /host/etc/
name: etc-fs
readOnly: true
- mountPath: /etc/falco
name: falco-config
volumes:
@ -57,6 +67,9 @@ spec:
- name: usr-fs
hostPath:
path: /usr
- name: etc-fs
hostPath:
path: /etc
- name: falco-config
configMap:
name: falco-config