github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2025-04-28 11:55:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

🔨 Add server container to worker DaemonSet

Browse Source
This commit is contained in:
M. Mert Yildiran 2023-09-27 00:20:46 +03:00
parent 2ea5dc0df0
commit 48adf86b25
No known key found for this signature in database
GPG Key ID: DA5D6DCBB758A461
2 changed files with 96 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
Makefile
View File

@ -75,44 +75,75 @@ generate-helm-values: ## Generate the Helm values from config.yaml
generate-manifests: ## Generate the manifests from the Helm chart using default configuration
helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml
logs-worker:
logs-sniffer:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_FOLLOW=
export LOGS_SUFFIX="-c sniffer"
${MAKE} logs
logs-worker-follow:
logs-sniffer-follow:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_FOLLOW=--follow
export LOGS_SUFFIX="-c sniffer --follow"
${MAKE} logs
logs-server:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c server"
${MAKE} logs
logs-server-follow:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c server --follow"
${MAKE} logs
logs-tracer:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c tracer"
${MAKE} logs
logs-tracer-follow:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c tracer --follow"
${MAKE} logs
logs-hub:
export LOGS_POD_PREFIX=kubeshark-hub
export LOGS_FOLLOW=
export LOGS_SUFFIX=
${MAKE} logs
logs-hub-follow:
export LOGS_POD_PREFIX=kubeshark-hub
export LOGS_FOLLOW=--follow
export LOGS_SUFFIX=--follow
${MAKE} logs
logs-front:
export LOGS_POD_PREFIX=kubeshark-front
export LOGS_FOLLOW=
export LOGS_SUFFIX=
${MAKE} logs
logs-front-follow:
export LOGS_POD_PREFIX=kubeshark-front
export LOGS_FOLLOW=--follow
export LOGS_SUFFIX=--follow
${MAKE} logs
logs:
kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW)
kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_SUFFIX)
ssh-node:
kubectl ssh node $$(kubectl get nodes | awk 'END {print $$1}')
exec-worker:
exec-sniffer:
export EXEC_POD_PREFIX=kubeshark-worker-
export EXEC_SUFFIX="-c sniffer"
${MAKE} exec
exec-server:
export EXEC_POD_PREFIX=kubeshark-worker-
export EXEC_SUFFIX="-c server"
${MAKE} exec
exec-tracer:
export EXEC_POD_PREFIX=kubeshark-worker-
export EXEC_SUFFIX="-c tracer"
${MAKE} exec
exec-hub:
@ -124,7 +155,7 @@ exec-front:
${MAKE} exec
exec:
kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') -- /bin/sh
kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') $(EXEC_SUFFIX) -- /bin/sh
helm-install:
cd helm-chart && helm install kubeshark . && cd ..
@ -151,4 +182,4 @@ proxy:
kubeshark proxy
port-forward-worker:
kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) 8897:8897
kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_SUFFIX) 8897:8897

62
helm-chart/templates/09-worker-daemon-set.yaml
View File

@ -30,8 +30,6 @@ spec:
- ./worker
- -i
- any
- -port
- '{{ .Values.tap.proxy.worker.srvport }}'
- -servicemesh
- -procfs
- /hostproc
@ -78,6 +76,56 @@ spec:
- SYS_MODULE
drop:
- ALL
volumeMounts:
- mountPath: /hostproc
name: proc
readOnly: true
- mountPath: /sys
name: sys
readOnly: true
- mountPath: /app/data
name: data
- command:
- ./worker
- -server-mode
- -port
- '{{ .Values.tap.proxy.worker.srvport }}'
{{ .Values.tap.debug | ternary "- -debug" "" }}
image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.tag }}'
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
name: server
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
envFrom:
- secretRef:
name: kubeshark-secret
{{- if .Values.tap.debug }}
env:
- name: PROFILING_ENABLED
value: "true"
- name: PROFILING_DUMP_PATH
value: "pprof"
- name: PROFILING_INTERVAL_SECONDS
value: "60"
{{- end }}
resources:
limits:
cpu: {{ .Values.tap.resources.worker.limits.cpu }}
memory: {{ .Values.tap.resources.worker.limits.memory }}
requests:
cpu: {{ .Values.tap.resources.worker.requests.cpu }}
memory: {{ .Values.tap.resources.worker.requests.memory }}
securityContext:
capabilities:
drop:
- ALL
readinessProbe:
periodSeconds: 1
failureThreshold: 3
@ -99,10 +147,8 @@ spec:
- mountPath: /sys
name: sys
readOnly: true
{{- if .Values.tap.persistentstorage }}
- mountPath: /app/data
name: kubeshark-persistent-volume
{{- end }}
name: data
{{- if .Values.tap.tls }}
- command:
- ./tracer
@ -147,10 +193,8 @@ spec:
- mountPath: /sys
name: sys
readOnly: true
{{- if .Values.tap.persistentstorage }}
- mountPath: /app/data
name: kubeshark-persistent-volume
{{- end }}
name: data
{{- end }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
@ -177,8 +221,8 @@ spec:
- hostPath:
path: /sys
name: sys
- name: data
{{- if .Values.tap.persistentstorage }}
- name: kubeshark-persistent-volume
persistentVolumeClaim:
claimName: kubeshark-persistent-volume-claim
{{- end }}