github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2025-08-31 10:11:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

🔨 Make the config field tags camelCase

Browse Source
This commit is contained in:
M. Mert Yildiran
2023-10-25 18:00:32 +03:00
parent 7e56d45c6b
commit 3b5cd6c77b
12 changed files with 87 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
config/configStruct.go
View File

@@ -10,7 +10,7 @@ import (
)
const (
KubeConfigPathConfigName = "kube-configpath"
KubeConfigPathConfigName = "kube-configPath"
)
func CreateDefaultConfig() ConfigStruct {
@@ -32,7 +32,7 @@ func CreateDefaultConfig() ConfigStruct {
}
type KubeConfig struct {
ConfigPathStr string `yaml:"configpath" json:"configpath"`
ConfigPathStr string `yaml:"configPath" json:"configPath"`
Context string `yaml:"context" json:"context"`
}
@@ -45,7 +45,7 @@ type ConfigStruct struct {
Logs configStructs.LogsConfig `yaml:"logs" json:"logs"`
Config configStructs.ConfigConfig `yaml:"config,omitempty" json:"config,omitempty"`
Kube KubeConfig `yaml:"kube" json:"kube"`
DumpLogs bool `yaml:"dumplogs" json:"dumplogs" default:"false"`
DumpLogs bool `yaml:"dumpLogs" json:"dumpLogs" default:"false"`
HeadlessMode bool `yaml:"headless" json:"headless" default:"false"`
License string `yaml:"license" json:"license" default:""`
Scripting configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`

2
config/configStructs/scriptingConfig.go
View File

@@ -12,7 +12,7 @@ import (
type ScriptingConfig struct {
Env map[string]interface{} `yaml:"env" json:"env" default:"{}"`
Source string `yaml:"source" json:"source" default:""`
WatchScripts bool `yaml:"watchscripts" json:"watchscripts" default:"true"`
WatchScripts bool `yaml:"watchScripts" json:"watchScripts" default:"true"`
}
func (config *ScriptingConfig) GetScripts() (scripts []*misc.Script, err error) {

46
config/configStructs/tapConfig.go
View File

@@ -11,21 +11,21 @@ import (
const (
DockerRegistryLabel = "docker-registry"
DockerTagLabel = "docker-tag"
DockerImagePullPolicy = "docker-imagepullpolicy"
DockerImagePullSecrets = "docker-imagepullsecrets"
DockerImagePullPolicy = "docker-imagePullPolicy"
DockerImagePullSecrets = "docker-imagePullSecrets"
ProxyFrontPortLabel = "proxy-front-port"
ProxyHubPortLabel = "proxy-hub-port"
ProxyHostLabel = "proxy-host"
NamespacesLabel = "namespaces"
ReleaseNamespaceLabel = "release-namespace"
PersistentStorageLabel = "persistentstorage"
StorageLimitLabel = "storagelimit"
StorageClassLabel = "storageclass"
DryRunLabel = "dryrun"
PersistentStorageLabel = "persistentStorage"
StorageLimitLabel = "storageLimit"
StorageClassLabel = "storageClass"
DryRunLabel = "dryRun"
PcapLabel = "pcap"
ServiceMeshLabel = "servicemesh"
ServiceMeshLabel = "serviceMesh"
TlsLabel = "tls"
IgnoreTaintedLabel = "ignoretainted"
IgnoreTaintedLabel = "ignoreTainted"
IngressEnabledLabel = "ingress-enabled"
TelemetryEnabledLabel = "telemetry-enabled"
DebugLabel = "debug"
@@ -49,12 +49,12 @@ type ResourceRequirements struct {
}
type WorkerConfig struct {
SrvPort uint16 `yaml:"srvport" json:"srvport" default:"8897"`
SrvPort uint16 `yaml:"srvPort" json:"srvPort" default:"8897"`
}
type HubConfig struct {
Port uint16 `yaml:"port" json:"port" default:"8898"`
SrvPort uint16 `yaml:"srvport" json:"srvport" default:"8898"`
SrvPort uint16 `yaml:"srvPort" json:"srvPort" default:"8898"`
}
type FrontConfig struct {
@@ -71,8 +71,8 @@ type ProxyConfig struct {
type DockerConfig struct {
Registry string `yaml:"registry" json:"registry" default:"docker.io/kubeshark"`
Tag string `yaml:"tag" json:"tag" default:""`
ImagePullPolicy string `yaml:"imagepullpolicy" json:"imagepullpolicy" default:"Always"`
ImagePullSecrets []string `yaml:"imagepullsecrets" json:"imagepullsecrets"`
ImagePullPolicy string `yaml:"imagePullPolicy" json:"imagePullPolicy" default:"Always"`
ImagePullSecrets []string `yaml:"imagePullSecrets" json:"imagePullSecrets"`
}
type ResourcesConfig struct {
@@ -82,13 +82,13 @@ type ResourcesConfig struct {
type AuthConfig struct {
Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
ApprovedEmails []string `yaml:"approvedemails" json:"approvedemails" default:"[]"`
ApprovedDomains []string `yaml:"approveddomains" json:"approveddomains" default:"[]"`
ApprovedEmails []string `yaml:"approvedEmails" json:"approvedEmails" default:"[]"`
ApprovedDomains []string `yaml:"approvedDomains" json:"approvedDomains" default:"[]"`
}
type IngressConfig struct {
Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
ClassName string `yaml:"classname" json:"classname" default:""`
ClassName string `yaml:"className" json:"className" default:""`
Host string `yaml:"host" json:"host" default:"ks.svc.cluster.local"`
TLS []networking.IngressTLS `yaml:"tls" json:"tls" default:"[]"`
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
@@ -110,23 +110,23 @@ type TapConfig struct {
PodRegexStr string `yaml:"regex" json:"regex" default:".*"`
Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"`
Release ReleaseConfig `yaml:"release" json:"release"`
PersistentStorage bool `yaml:"persistentstorage" json:"persistentstorage" default:"false"`
StorageLimit string `yaml:"storagelimit" json:"storagelimit" default:"500Mi"`
StorageClass string `yaml:"storageclass" json:"storageclass" default:"standard"`
DryRun bool `yaml:"dryrun" json:"dryrun" default:"false"`
PersistentStorage bool `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"`
DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"`
Pcap string `yaml:"pcap" json:"pcap" default:""`
Resources ResourcesConfig `yaml:"resources" json:"resources"`
ServiceMesh bool `yaml:"servicemesh" json:"servicemesh" default:"true"`
ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
Tls bool `yaml:"tls" json:"tls" default:"true"`
IgnoreTainted bool `yaml:"ignoretainted" json:"ignoretainted" default:"false"`
IgnoreTainted bool `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
Labels map[string]string `yaml:"labels" json:"labels" default:"{}"`
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeselectorterms" json:"nodeselectorterms" default:"[]"`
NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
Auth AuthConfig `yaml:"auth" json:"auth"`
Ingress IngressConfig `yaml:"ingress" json:"ingress"`
IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"`
Debug bool `yaml:"debug" json:"debug" default:"false"`
NoKernelModule bool `yaml:"nokernelmodule" json:"nokernelmodule" default:"false"`
NoKernelModule bool `yaml:"noKernelModule" json:"noKernelModule" default:"false"`
Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"`
}

40
helm-chart/README.md
View File

@@ -62,12 +62,12 @@ Set this `value.yaml`:
tap:
auth:
enabled: true
approvedemails:
approvedEmails:
- john.doe@example.com
approveddomains: []
approvedDomains: []
ingress:
enabled: true
classname: "alb"
className: "alb"
host: ks.example.com
tls: []
annotations:
@@ -91,7 +91,7 @@ Get your license from Kubeshark's [Admin Console](https://console.kubeshark.co/)
For example, change from the default 500Mi to 1Gi:
```shell
--set tap.storagelimit=1Gi
--set tap.storageLimit=1Gi
```
## Disabling IPV6
@@ -111,19 +111,19 @@ helm install kubeshark kubeshark/kubeshark \
| `tap.docker.tag` | Tag of the Docker images | `latest` |
| `tap.docker.imagePullPolicy` | Kubernetes image pull policy | `Always` |
| `tap.docker.imagePullSecrets` | Kubernetes secrets to pull the images | `[]` |
| `tap.proxy.worker.srvport` | Worker server port | `8897` |
| `tap.proxy.worker.srvPort` | Worker server port | `8897` |
| `tap.proxy.hub.port` | Hub service port | `8898` |
| `tap.proxy.hub.srvport` | Hub server port | `8898` |
| `tap.proxy.hub.srvPort` | Hub server port | `8898` |
| `tap.proxy.front.port` | Front-facing service port | `8899` |
| `tap.proxy.host` | Proxy server's IP | `127.0.0.1` |
| `tap.namespaces` | List of namespaces for the traffic capture | `[]` |
| `tap.release.repo` | URL of the Helm chart repository | `https://helm.kubeshark.co` |
| `tap.release.name` | Helm release name | `kubeshark` |
| `tap.release.namespace` | Helm release namespace | `default` |
| `tap.persistentstorage` | Use `persistentVolumeClaim` instead of `emptyDir` | `false` |
| `tap.storagelimit` | Limit of either the `emptyDir` or `persistentVolumeClaim` | `500Mi` |
| `tap.storageclass` | Storage class of the `PersistentVolumeClaim` | `standard` |
| `tap.dryrun` | Preview of all pods matching the regex, without tapping them | `false` |
| `tap.persistentStorage` | Use `persistentVolumeClaim` instead of `emptyDir` | `false` |
| `tap.storageLimit` | Limit of either the `emptyDir` or `persistentVolumeClaim` | `500Mi` |
| `tap.storageClass` | Storage class of the `PersistentVolumeClaim` | `standard` |
| `tap.dryRun` | Preview of all pods matching the regex, without tapping them | `false` |
| `tap.pcap` | | `""` |
| `tap.resources.worker.limits.cpu` | CPU limit for worker | `750m` |
| `tap.resources.worker.limits.memory` | Memory limit for worker | `1Gi` |
@@ -133,30 +133,30 @@ helm install kubeshark kubeshark/kubeshark \
| `tap.resources.hub.limits.memory` | Memory limit for hub | `1Gi` |
| `tap.resources.hub.requests.cpu` | CPU request for hub | `50m` |
| `tap.resources.hub.requests.memory` | Memory request for hub | `50Mi` |
| `tap.servicemesh` | Capture traffic from service meshes like Istio, Linkerd, Consul, etc. | `true` |
| `tap.serviceMesh` | Capture traffic from service meshes like Istio, Linkerd, Consul, etc. | `true` |
| `tap.tls` | Capture the encrypted/TLS traffic from cryptography libraries like OpenSSL | `true` |
| `tap.ignoretainted` | Whether to ignore tainted nodes | `false` |
| `tap.ignoreTainted` | Whether to ignore tainted nodes | `false` |
| `tap.labels` | Kubernetes labels to apply to all Kubeshark resources | `{}` |
| `tap.annotations` | Kubernetes annotations to apply to all Kubeshark resources | `{}` |
| `tap.nodeselectorterms` | Node selector terms | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
| `tap.nodeSelectorTerms` | Node selector terms | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
| `tap.auth.enabled` | Enable authentication | `false` |
| `tap.auth.approvedemails` | List of approved email addresses for authentication | `[]` |
| `tap.auth.approveddomains` | List of approved email domains for authentication | `[]` |
| `tap.auth.approvedEmails` | List of approved email addresses for authentication | `[]` |
| `tap.auth.approvedDomains` | List of approved email domains for authentication | `[]` |
| `tap.ingress.enabled` | Enable `Ingress` | `false` |
| `tap.ingress.classname` | Ingress class name | `""` |
| `tap.ingress.className` | Ingress class name | `""` |
| `tap.ingress.host` | Host of the `Ingress` | `ks.svc.cluster.local` |
| `tap.ingress.tls` | `Ingress` TLS configuration | `[]` |
| `tap.ingress.annotations` | `Ingress` annotations | `{}` |
| `tap.ipv6` | Enable IPv6 support for the front-end | `true` |
| `tap.debug` | Enable debug mode | `false` |
| `tap.nokernelmodule` | Do not install `PF_RING` kernel module | `false` |
| `tap.noKernelModule` | Do not install `PF_RING` kernel module | `false` |
| `tap.telemetry.enabled` | Enable anonymous usage statistics collection | `true` |
| `logs.file` | Logs dump path | `""` |
| `kube.configpath` | Path to the `kubeconfig` file (`$HOME/.kube/config`) | `""` |
| `kube.configPath` | Path to the `kubeconfig` file (`$HOME/.kube/config`) | `""` |
| `kube.context` | Kubernetes context to use for the deployment | `""` |
| `dumplogs` | Enable dumping of logs | `false` |
| `dumpLogs` | Enable dumping of logs | `false` |
| `headless` | Enable running in headless mode | `false` |
| `license` | License key for the Pro/Enterprise edition | `""` |
| `scripting.env` | Environment variables for the scripting | `{}` |
| `scripting.source` | Source directory of the scripts | `""` |
| `scripting.watchscripts` | Enable watch mode for the scripts in source directory | `true` |
| `scripting.watchScripts` | Enable watch mode for the scripts in source directory | `true` |

2
helm-chart/templates/04-hub-deployment.yaml
View File

@@ -47,7 +47,7 @@ spec:
- secretRef:
name: kubeshark-secret
image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
readinessProbe:
periodSeconds: 1
failureThreshold: 3

2
helm-chart/templates/06-front-deployment.yaml
View File

@@ -31,7 +31,7 @@ spec:
- name: REACT_APP_HUB_PORT
value: '{{ .Values.tap.ingress.enabled | ternary "/api" (print ":" .Values.tap.proxy.front.port "/api") }}'
image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
name: kubeshark-front
livenessProbe:
periodSeconds: 1

6
helm-chart/templates/08-persistent-volume-claim.yaml
View File

@@ -1,5 +1,5 @@
---
{{- if .Values.tap.persistentstorage }}
{{- if .Values.tap.persistentStorage }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
@@ -16,7 +16,7 @@ spec:
- ReadWriteMany
resources:
requests:
storage: {{ .Values.tap.storagelimit }}
storageClassName: {{ .Values.tap.storageclass }}
storage: {{ .Values.tap.storageLimit }}
storageClassName: {{ .Values.tap.storageClass }}
status: {}
{{- end }}

24
helm-chart/templates/09-worker-daemon-set.yaml
View File

@@ -31,8 +31,8 @@ spec:
- -i
- any
- -port
- '{{ .Values.tap.proxy.worker.srvport }}'
{{- if .Values.tap.servicemesh }}
- '{{ .Values.tap.proxy.worker.srvPort }}'
{{- if .Values.tap.serviceMesh }}
- -servicemesh
{{- end }}
- -procfs
@@ -40,11 +40,11 @@ spec:
{{- if .Values.tap.debug }}
- -debug
{{- end }}
{{- if .Values.tap.nokernelmodule }}
{{- if .Values.tap.noKernelModule }}
- -no-kernel-module
{{- end }}
image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
name: sniffer
env:
- name: POD_NAME
@@ -82,14 +82,14 @@ spec:
successThreshold: 1
initialDelaySeconds: 5
tcpSocket:
port: {{ .Values.tap.proxy.worker.srvport }}
port: {{ .Values.tap.proxy.worker.srvPort }}
livenessProbe:
periodSeconds: 1
failureThreshold: 3
successThreshold: 1
initialDelaySeconds: 5
tcpSocket:
port: {{ .Values.tap.proxy.worker.srvport }}
port: {{ .Values.tap.proxy.worker.srvPort }}
volumeMounts:
- mountPath: /hostproc
name: proc
@@ -108,7 +108,7 @@ spec:
- -debug
{{- end }}
image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
name: tracer
env:
- name: POD_NAME
@@ -150,16 +150,16 @@ spec:
tolerations:
- effect: NoExecute
operator: Exists
{{- if not .Values.tap.ignoretainted }}
{{- if not .Values.tap.ignoreTainted }}
- effect: NoSchedule
operator: Exists
{{- end }}
{{- if gt (len .Values.tap.nodeselectorterms) 0}}
{{- if gt (len .Values.tap.nodeSelectorTerms) 0}}
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
{{- toYaml .Values.tap.nodeselectorterms | nindent 12 }}
{{- toYaml .Values.tap.nodeSelectorTerms | nindent 12 }}
{{- end }}
volumes:
- hostPath:
@@ -169,10 +169,10 @@ spec:
path: /sys
name: sys
- name: data
{{- if .Values.tap.persistentstorage }}
{{- if .Values.tap.persistentStorage }}
persistentVolumeClaim:
claimName: kubeshark-persistent-volume-claim
{{- else }}
emptyDir:
sizeLimit: {{ .Values.tap.storagelimit }}
sizeLimit: {{ .Values.tap.storageLimit }}
{{- end }}

4
helm-chart/templates/10-ingress.yaml
View File

@@ -16,8 +16,8 @@ metadata:
name: kubeshark-ingress
namespace: {{ .Release.Namespace }}
spec:
{{- if .Values.tap.ingress.classname }}
ingressClassName: {{ .Values.tap.ingress.classname }}
{{- if .Values.tap.ingress.className }}
ingressClassName: {{ .Values.tap.ingress.className }}
{{- end }}
rules:
- host: {{ .Values.tap.ingress.host }}

4
helm-chart/templates/12-config-map.yaml
View File

@@ -12,6 +12,6 @@ data:
SCRIPTING_ENV: '{{ .Values.scripting.env | toJson }}'
SCRIPTING_SCRIPTS: '{}'
AUTH_ENABLED: '{{ .Values.tap.auth.enabled | ternary "true" "" }}'
AUTH_APPROVED_EMAILS: '{{ gt (len .Values.tap.auth.approvedemails) 0 | ternary (join "," .Values.tap.auth.approvedemails) "" }}'
AUTH_APPROVED_DOMAINS: '{{ gt (len .Values.tap.auth.approveddomains) 0 | ternary (join "," .Values.tap.auth.approveddomains) "" }}'
AUTH_APPROVED_EMAILS: '{{ gt (len .Values.tap.auth.approvedEmails) 0 | ternary (join "," .Values.tap.auth.approvedEmails) "" }}'
AUTH_APPROVED_DOMAINS: '{{ gt (len .Values.tap.auth.approvedDomains) 0 | ternary (join "," .Values.tap.auth.approvedDomains) "" }}'
TELEMETRY_DISABLED: '{{ not .Values.tap.telemetry.enabled | ternary "true" "" }}'

36
helm-chart/values.yaml
View File

@@ -2,14 +2,14 @@ tap:
docker:
registry: docker.io/kubeshark
tag: ""
imagepullpolicy: Always
imagepullsecrets: []
imagePullPolicy: Always
imagePullSecrets: []
proxy:
worker:
srvport: 8897
srvPort: 8897
hub:
port: 8898
srvport: 8898
srvPort: 8898
front:
port: 8899
host: 127.0.0.1
@@ -19,10 +19,10 @@ tap:
repo: https://helm.kubeshark.co
name: kubeshark
namespace: default
persistentstorage: false
storagelimit: 500Mi
storageclass: standard
dryrun: false
persistentStorage: false
storageLimit: 500Mi
storageClass: standard
dryRun: false
pcap: ""
resources:
worker:
@@ -39,12 +39,12 @@ tap:
requests:
cpu: 50m
memory: 50Mi
servicemesh: true
serviceMesh: true
tls: true
ignoretainted: false
ignoreTainted: false
labels: {}
annotations: {}
nodeselectorterms:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: In
@@ -52,28 +52,28 @@ tap:
- linux
auth:
enabled: false
approvedemails: []
approveddomains: []
approvedEmails: []
approvedDomains: []
ingress:
enabled: false
classname: ""
className: ""
host: ks.svc.cluster.local
tls: []
annotations: {}
ipv6: true
debug: false
nokernelmodule: false
noKernelModule: false
telemetry:
enabled: true
logs:
file: ""
kube:
configpath: ""
configPath: ""
context: ""
dumplogs: false
dumpLogs: false
headless: false
license: ""
scripting:
env: {}
source: ""
watchscripts: true
watchScripts: true

2
manifests/complete.yaml
View File

@@ -288,7 +288,7 @@ spec:
- any
- -port
- '8897'
- -servicemesh
- -serviceMesh
- -procfs
- /hostproc
image: 'docker.io/kubeshark/worker:v51.0.14'