falco

github/falco

Fork 0

mirror of https://github.com/falcosecurity/falco.git synced 2025-10-21 19:44:57 +00:00

Commit Graph

Author	SHA1	Message	Date
Mark Stemm	bd4c3ffa39	Add additional k8s rbac resources (#514 ) Falco also needs to list/watch replicasets, daemonsets, and deployments, so add them to the resources list.	2019-02-06 15:51:57 -08:00
Mark Stemm	889fcc8b50	Add falco service k8s (#496 ) * Add falco service to k8s install/update labels Update the instructions for K8s RBAC installation to also create a service that maps to port 8765 of the falco pod. This allows other services to access the embedded webserver within falco. Also clean up the set of labels to use a consistent app: falco-example, role:security for each object. * Cange K8s Audit Example to use falco daemonset Change the K8s Audit Example instructions to use minikube in conjunction with a falco daemonset running inside of minikube. (We're going to start prebuilding kernel modules for recent minikube variants to make this possible). When running inside of minikube in conjunction with a service, you have to go through some additional steps to find the ClusterIP associated with the falco service and use that ip when configuring the k8s audit webhook. Overall it's still a more self-contained set of instructions, though.	2019-01-16 18:12:02 -08:00
Néstor Salceda	c05319927a	Move kubernetes manifests from examples to integrations	2018-07-13 13:08:38 +02:00

Author

SHA1

Message

Date

Mark Stemm

bd4c3ffa39

Add additional k8s rbac resources (#514 )

Falco also needs to list/watch replicasets, daemonsets, and deployments,
so add them to the resources list.

2019-02-06 15:51:57 -08:00

Mark Stemm

889fcc8b50

Add falco service k8s (#496 )

* Add falco service to k8s install/update labels

Update the instructions for K8s RBAC installation to also create a
service that maps to port 8765 of the falco pod. This allows other
services to access the embedded webserver within falco.

Also clean up the set of labels to use a consistent app: falco-example,
role:security for each object.

* Cange K8s Audit Example to use falco daemonset

Change the K8s Audit Example instructions to use minikube in conjunction
with a falco daemonset running inside of minikube. (We're going to start
prebuilding kernel modules for recent minikube variants to make this
possible).

When running inside of minikube in conjunction with a service, you have
to go through some additional steps to find the ClusterIP associated
with the falco service and use that ip when configuring the k8s audit
webhook. Overall it's still a more self-contained set of instructions,
though.

2019-01-16 18:12:02 -08:00

Néstor Salceda

c05319927a

Move kubernetes manifests from examples to integrations

2018-07-13 13:08:38 +02:00

3 Commits