mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 11:29:26 +00:00
889fcc8b50
* Add falco service to k8s install/update labels Update the instructions for K8s RBAC installation to also create a service that maps to port 8765 of the falco pod. This allows other services to access the embedded webserver within falco. Also clean up the set of labels to use a consistent app: falco-example, role:security for each object. * Cange K8s Audit Example to use falco daemonset Change the K8s Audit Example instructions to use minikube in conjunction with a falco daemonset running inside of minikube. (We're going to start prebuilding kernel modules for recent minikube variants to make this possible). When running inside of minikube in conjunction with a service, you have to go through some additional steps to find the ClusterIP associated with the falco service and use that ip when configuring the k8s audit webhook. Overall it's still a more self-contained set of instructions, though.
14 lines
196 B
YAML
14 lines
196 B
YAML
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: falco-service
|
|
labels:
|
|
app: falco-example
|
|
role: security
|
|
spec:
|
|
selector:
|
|
app: falco-example
|
|
ports:
|
|
- protocol: TCP
|
|
port: 8765
|