github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-10-22 12:27:10 +00:00
Code Issues Projects Releases Wiki Activity
Files
a3c8fa85d4c2ffdcd8540c95ddb28545a1ced74c
falco/docker
History
Jeremi Piotrowski 6d56571e23 update(docker,falco_scripts): fix kernel module build on Flatcar 
Relocate necessary tools from the kernel module build system to run using host
dynlinker and libraries, so that compiling falco module on Flatcar works.

Since Flatcar v2983.0.0, Flatcar ships with glibc-2.33, but the
falco-driver-loader container is based on debian:buster and so has a much older
glibc. This prevents some necessary tools within /lib/modules/*/build from
working which causes the falco module to fail to compile using dkms.

To make the tools work, we need to relocate them so we add patchelf to the
falco and local dockerfiles. The relocation is based on the approach done by
the sysdig agent-kmodule build system, but I'm unable to find the source code
for it. The host linker and libs will be found at /host/usr/lib64, so we change
the interpreter and rpath on the tools. The relocation happens on a copy of the
tools which are then bind mounted at the right location. The result allows the
module build to work.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
2022-06-13 10:34:43 +02:00
..
builder
update(docker): updated falco-builder to fix multiarch support.
2022-06-09 09:33:39 +02:00
driver-loader
update(docker): correct container labels
2020-11-23 11:26:08 -05:00
falco
update(docker,falco_scripts): fix kernel module build on Flatcar
2022-06-13 10:34:43 +02:00
local
update(docker,falco_scripts): fix kernel module build on Flatcar
2022-06-13 10:34:43 +02:00
no-driver
new(docker,scripts): port all docker images to be multiarch ready.
2022-06-07 11:02:54 +02:00
tester
new(docker,scripts): port all docker images to be multiarch ready.
2022-06-07 11:02:54 +02:00
ubi
new(docker,scripts): port all docker images to be multiarch ready.
2022-06-07 11:02:54 +02:00
CMakeLists.txt
OWNERS
update(docker/OWNERS): add myself to approvers
2020-05-14 14:09:46 +02:00
README.md
docs(docker/readme): updated table to include experimental UBI-based image for Falco
2022-03-23 15:39:03 +01:00

README.md

Falco Dockerfiles

This directory contains various ways to package Falco as a container and related tools.

Currently Supported Images

Name Directory Description
falcosecurity/falco:latest, falcosecurity/falco:tag, falcosecurity/falco:master docker/falco Falco (DEB built from git tag or from the master) with all the building toolchain.
not yet published (experimental) docker/ubi Falco (built from RedHat's UBI base image) with the building toolchain.
falcosecurity/falco-driver-loader:latest, falcosecurity/falco-driver-loader:tag, falcosecurity/falco-driver-loader:master docker/driver-loader falco-driver-loader as entrypoint with the building toolchain.
falcosecurity/falco-no-driver:latest, falcosecurity/falco-no-driver:tag,falcosecurity/falco-no-driver:master docker/no-driver Falco (TGZ built from git tag or from the master) without the building toolchain.
falcosecurity/falco-builder:latest docker/builder The complete build tool chain for compiling Falco from source. See the documentation for more details on building from source. Used to build Falco (CI).
falcosecurity/falco-tester:latest docker/tester Container image for running the Falco test suite. Used to run Falco integration tests (CI).
not to be published docker/local Built on-the-fly and used by falco-tester.

Note: falco-builder, falco-tester (and the docker/local image that it's built on the fly) are not integrated into the release process because they are development and CI tools that need to be manually pushed only when updated.