github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2025-06-21 22:08:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

🔨 Add server container to worker DaemonSet

Browse Source
This commit is contained in:
M. Mert Yildiran 2023-09-27 00:20:46 +03:00
parent 2ea5dc0df0
commit 48adf86b25
No known key found for this signature in database
GPG Key ID: DA5D6DCBB758A461
2 changed files with 96 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
Makefile
View File

@ -75,44 +75,75 @@ generate-helm-values: ## Generate the Helm values from config.yaml
generate-manifests: ## Generate the manifests from the Helm chart using default configuration generate-manifests: ## Generate the manifests from the Helm chart using default configuration
helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml
logs-worker: logs-sniffer:
export LOGS_POD_PREFIX=kubeshark-worker- export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_FOLLOW= export LOGS_SUFFIX="-c sniffer"
${MAKE} logs ${MAKE} logs
logs-worker-follow: logs-sniffer-follow:
export LOGS_POD_PREFIX=kubeshark-worker- export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_FOLLOW=--follow export LOGS_SUFFIX="-c sniffer --follow"
${MAKE} logs
logs-server:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c server"
${MAKE} logs
logs-server-follow:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c server --follow"
${MAKE} logs
logs-tracer:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c tracer"
${MAKE} logs
logs-tracer-follow:
export LOGS_POD_PREFIX=kubeshark-worker-
export LOGS_SUFFIX="-c tracer --follow"
${MAKE} logs ${MAKE} logs
logs-hub: logs-hub:
export LOGS_POD_PREFIX=kubeshark-hub export LOGS_POD_PREFIX=kubeshark-hub
export LOGS_FOLLOW= export LOGS_SUFFIX=
${MAKE} logs ${MAKE} logs
logs-hub-follow: logs-hub-follow:
export LOGS_POD_PREFIX=kubeshark-hub export LOGS_POD_PREFIX=kubeshark-hub
export LOGS_FOLLOW=--follow export LOGS_SUFFIX=--follow
${MAKE} logs ${MAKE} logs
logs-front: logs-front:
export LOGS_POD_PREFIX=kubeshark-front export LOGS_POD_PREFIX=kubeshark-front
export LOGS_FOLLOW= export LOGS_SUFFIX=
${MAKE} logs ${MAKE} logs
logs-front-follow: logs-front-follow:
export LOGS_POD_PREFIX=kubeshark-front export LOGS_POD_PREFIX=kubeshark-front
export LOGS_FOLLOW=--follow export LOGS_SUFFIX=--follow
${MAKE} logs ${MAKE} logs
logs: logs:
kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_SUFFIX)
ssh-node: ssh-node:
kubectl ssh node $$(kubectl get nodes | awk 'END {print $$1}') kubectl ssh node $$(kubectl get nodes | awk 'END {print $$1}')
exec-worker: exec-sniffer:
export EXEC_POD_PREFIX=kubeshark-worker- export EXEC_POD_PREFIX=kubeshark-worker-
export EXEC_SUFFIX="-c sniffer"
${MAKE} exec
exec-server:
export EXEC_POD_PREFIX=kubeshark-worker-
export EXEC_SUFFIX="-c server"
${MAKE} exec
exec-tracer:
export EXEC_POD_PREFIX=kubeshark-worker-
export EXEC_SUFFIX="-c tracer"
${MAKE} exec ${MAKE} exec
exec-hub: exec-hub:
@ -124,7 +155,7 @@ exec-front:
${MAKE} exec ${MAKE} exec
exec: exec:
kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') -- /bin/sh kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') $(EXEC_SUFFIX) -- /bin/sh
helm-install: helm-install:
cd helm-chart && helm install kubeshark . && cd .. cd helm-chart && helm install kubeshark . && cd ..
@ -151,4 +182,4 @@ proxy:
kubeshark proxy kubeshark proxy
port-forward-worker: port-forward-worker:
kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) 8897:8897 kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_SUFFIX) 8897:8897

62
helm-chart/templates/09-worker-daemon-set.yaml
View File

@ -30,8 +30,6 @@ spec:
- ./worker - ./worker
- -i - -i
- any - any
- -port
- '{{ .Values.tap.proxy.worker.srvport }}'
- -servicemesh - -servicemesh
- -procfs - -procfs
- /hostproc - /hostproc
@ -78,6 +76,56 @@ spec:
- SYS_MODULE - SYS_MODULE
drop: drop:
- ALL - ALL
volumeMounts:
- mountPath: /hostproc
name: proc
readOnly: true
- mountPath: /sys
name: sys
readOnly: true
- mountPath: /app/data
name: data
- command:
- ./worker
- -server-mode
- -port
- '{{ .Values.tap.proxy.worker.srvport }}'
{{ .Values.tap.debug | ternary "- -debug" "" }}
image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.tag }}'
imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }}
name: server
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
envFrom:
- secretRef:
name: kubeshark-secret
{{- if .Values.tap.debug }}
env:
- name: PROFILING_ENABLED
value: "true"
- name: PROFILING_DUMP_PATH
value: "pprof"
- name: PROFILING_INTERVAL_SECONDS
value: "60"
{{- end }}
resources:
limits:
cpu: {{ .Values.tap.resources.worker.limits.cpu }}
memory: {{ .Values.tap.resources.worker.limits.memory }}
requests:
cpu: {{ .Values.tap.resources.worker.requests.cpu }}
memory: {{ .Values.tap.resources.worker.requests.memory }}
securityContext:
capabilities:
drop:
- ALL
readinessProbe: readinessProbe:
periodSeconds: 1 periodSeconds: 1
failureThreshold: 3 failureThreshold: 3
@ -99,10 +147,8 @@ spec:
- mountPath: /sys - mountPath: /sys
name: sys name: sys
readOnly: true readOnly: true
{{- if .Values.tap.persistentstorage }}
- mountPath: /app/data - mountPath: /app/data
name: kubeshark-persistent-volume name: data
{{- end }}
{{- if .Values.tap.tls }} {{- if .Values.tap.tls }}
- command: - command:
- ./tracer - ./tracer
@ -147,10 +193,8 @@ spec:
- mountPath: /sys - mountPath: /sys
name: sys name: sys
readOnly: true readOnly: true
{{- if .Values.tap.persistentstorage }}
- mountPath: /app/data - mountPath: /app/data
name: kubeshark-persistent-volume name: data
{{- end }}
{{- end }} {{- end }}
dnsPolicy: ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true hostNetwork: true
@ -177,8 +221,8 @@ spec:
- hostPath: - hostPath:
path: /sys path: /sys
name: sys name: sys
- name: data
{{- if .Values.tap.persistentstorage }} {{- if .Values.tap.persistentstorage }}
- name: kubeshark-persistent-volume
persistentVolumeClaim: persistentVolumeClaim:
claimName: kubeshark-persistent-volume-claim claimName: kubeshark-persistent-volume-claim
{{- end }} {{- end }}