github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-07 11:49:07 +00:00
Code Issues Projects Releases Wiki Activity

Add /etc mount for falco container (#475)

Browse Source
This commit is contained in:
Michael Ducy 2019-01-23 21:13:05 -06:00 committed by Mark Stemm
parent b8a25c6e71
commit ec07f7c240
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
integrations/k8s-using-daemonset/k8s-with-rbac/falco-daemonset-configmap.yaml
View File

@ -18,6 +18,13 @@ spec:
image: falcosecurity/falco:latest image: falcosecurity/falco:latest
securityContext: securityContext:
privileged: true privileged: true
# Uncomment the 3 lines below to enable eBPF support for Falco.
# This allows Falco to run on Google COS.
# Leave blank for the default probe location, or set to the path
# of a precompiled probe.
# env:
# - name: SYSDIG_BPF_PROBE
# value: ""
args: [ "/usr/bin/falco", "-K", "/var/run/secrets/kubernetes.io/serviceaccount/token", "-k", "https://kubernetes.default", "-pk"] args: [ "/usr/bin/falco", "-K", "/var/run/secrets/kubernetes.io/serviceaccount/token", "-k", "https://kubernetes.default", "-pk"]
volumeMounts: volumeMounts:
- mountPath: /host/var/run/docker.sock - mountPath: /host/var/run/docker.sock
@ -36,6 +43,9 @@ spec:
- mountPath: /host/usr - mountPath: /host/usr
name: usr-fs name: usr-fs
readOnly: true readOnly: true
- mountPath: /host/etc/
name: etc-fs
readOnly: true
- mountPath: /etc/falco - mountPath: /etc/falco
name: falco-config name: falco-config
volumes: volumes:
@ -57,6 +67,9 @@ spec:
- name: usr-fs - name: usr-fs
hostPath: hostPath:
path: /usr path: /usr
- name: etc-fs
hostPath:
path: /etc
- name: falco-config - name: falco-config
configMap: configMap:
name: falco-config name: falco-config