mirror of
https://github.com/falcosecurity/falco.git
synced 2025-07-06 11:26:44 +00:00
Add /etc mount for falco container (#475)
This commit is contained in:
parent
b8a25c6e71
commit
ec07f7c240
@ -18,6 +18,13 @@ spec:
|
||||
image: falcosecurity/falco:latest
|
||||
securityContext:
|
||||
privileged: true
|
||||
# Uncomment the 3 lines below to enable eBPF support for Falco.
|
||||
# This allows Falco to run on Google COS.
|
||||
# Leave blank for the default probe location, or set to the path
|
||||
# of a precompiled probe.
|
||||
# env:
|
||||
# - name: SYSDIG_BPF_PROBE
|
||||
# value: ""
|
||||
args: [ "/usr/bin/falco", "-K", "/var/run/secrets/kubernetes.io/serviceaccount/token", "-k", "https://kubernetes.default", "-pk"]
|
||||
volumeMounts:
|
||||
- mountPath: /host/var/run/docker.sock
|
||||
@ -36,6 +43,9 @@ spec:
|
||||
- mountPath: /host/usr
|
||||
name: usr-fs
|
||||
readOnly: true
|
||||
- mountPath: /host/etc/
|
||||
name: etc-fs
|
||||
readOnly: true
|
||||
- mountPath: /etc/falco
|
||||
name: falco-config
|
||||
volumes:
|
||||
@ -57,6 +67,9 @@ spec:
|
||||
- name: usr-fs
|
||||
hostPath:
|
||||
path: /usr
|
||||
- name: etc-fs
|
||||
hostPath:
|
||||
path: /etc
|
||||
- name: falco-config
|
||||
configMap:
|
||||
name: falco-config
|
||||
|
Loading…
Reference in New Issue
Block a user