mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 19:44:57 +00:00
update API resource version and remove deprecated one. Signed-off-by: maxgio92 <massimiliano.giovagnoli.1992@gmail.com>
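---
# Example DaemonSet that runs a Falco pod on each schedulable node, with
# Falco's configuration supplied by the `falco-config` ConfigMap.
#
# Security posture to review before deploying:
#   - The container is privileged and mounts host paths (/dev, /proc, /boot,
#     /lib/modules, /usr, /etc) plus the Docker and containerd sockets, so a
#     compromise of this pod is effectively a compromise of the node.
#     Restrict who may create or modify this workload and its ConfigMap
#     through RBAC and admission policy.
#   - The pod talks to the Kubernetes API with the token of the
#     `falco-account` ServiceAccount; keep that account's role bindings
#     limited to what Falco needs.
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: falco-daemonset
  labels:
    app: falco-example
    role: security
spec:
  # apps/v1 requires an explicit selector; it must match the pod template
  # labels below.
  selector:
    matchLabels:
      app: falco-example
      role: security
  template:
    metadata:
      labels:
        app: falco-example
        role: security
    spec:
      # `serviceAccountName` replaces the deprecated `serviceAccount` alias.
      serviceAccountName: falco-account
      containers:
        - name: falco
          # `latest` is a mutable tag: nodes can end up running different
          # images over time. For production, pin a specific release tag or
          # an image digest that has been reviewed.
          image: falcosecurity/falco:latest
          securityContext:
            # Falco instruments the host kernel, which is why this example
            # runs privileged.
            # NOTE(review): confirm whether a narrower capability set is
            # sufficient for the driver in use.
            privileged: true
          # Uncomment the 3 lines below to enable eBPF support for Falco.
          # This allows Falco to run on Google COS.
          # Leave blank for the default probe location, or set to the path
          # of a precompiled probe.
          # env:
          #   - name: FALCO_BPF_PROBE
          #     value: ""
          # --cri : containerd socket used to look up container metadata.
          # -K/-k : service account token file and Kubernetes API server URL.
          # -pk   : Kubernetes-aware output format.
          # NOTE(review): the containerd socket is mounted in this pod at
          # /host/run/containerd/containerd.sock while --cri is given
          # /run/containerd/containerd.sock; presumably Falco resolves the
          # path under its host root - confirm for the image version in use.
          args:
            - "/usr/bin/falco"
            - "--cri"
            - "/run/containerd/containerd.sock"
            - "-K"
            - "/var/run/secrets/kubernetes.io/serviceaccount/token"
            - "-k"
            - "https://$(KUBERNETES_SERVICE_HOST)"
            - "-pk"
          volumeMounts:
            # The two runtime sockets are mounted without readOnly; any
            # process in this container that can reach them can talk to the
            # container runtime on the node.
            - mountPath: /host/var/run/docker.sock
              name: docker-socket
            - mountPath: /host/run/containerd/containerd.sock
              name: containerd-socket
            # Host filesystem views, all mounted read-only under /host.
            - mountPath: /host/dev
              name: dev-fs
              readOnly: true
            - mountPath: /host/proc
              name: proc-fs
              readOnly: true
            - mountPath: /host/boot
              name: boot-fs
              readOnly: true
            - mountPath: /host/lib/modules
              name: lib-modules
              readOnly: true
            - mountPath: /host/usr
              name: usr-fs
              readOnly: true
            - mountPath: /host/etc/
              name: etc-fs
              readOnly: true
            # Falco configuration and rules from the ConfigMap volume.
            - mountPath: /etc/falco
              name: falco-config
      volumes:
        - name: docker-socket
          hostPath:
            path: /var/run/docker.sock
        - name: containerd-socket
          hostPath:
            path: /run/containerd/containerd.sock
        - name: dev-fs
          hostPath:
            path: /dev
        - name: proc-fs
          hostPath:
            path: /proc
        - name: boot-fs
          hostPath:
            path: /boot
        - name: lib-modules
          hostPath:
            path: /lib/modules
        - name: usr-fs
          hostPath:
            path: /usr
        - name: etc-fs
          hostPath:
            path: /etc
        # Whoever can edit this ConfigMap controls Falco's rules and
        # outputs, so protect it like the DaemonSet itself.
        - name: falco-config
          configMap:
            name: falco-config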