Add stopAfter option to disable capture when inactive (#1778)

* Add stopAfter option to disable capture when inactive * Use 5m dorman * Add capture stop after flag in hub
2025-08-19 08:59:16 +00:00 · 2025-08-12 21:23:16 +03:00 · 2025-08-12 21:23:16 +03:00 · 56b936b8b8
commit 56b936b8b8
parent 352484b5f6
7 changed files with 38 additions and 24 deletions
--- a/config/configStruct.go
+++ b/config/configStruct.go
@ -149,6 +149,10 @@ func CreateDefaultConfig() ConfigStruct {
 			Dashboard: configStructs.DashboardConfig{
 				CompleteStreamingEnabled: true,
 			},
 			Capture: configStructs.CaptureConfig{
 				Stopped:   false,
 				StopAfter: "5m",
 			},
 		},
 	}
 }
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@ -298,6 +298,11 @@ type SeLinuxOptionsConfig struct {
 	User  string `yaml:"user" json:"user"`
 }
 type CaptureConfig struct {
 	Stopped   bool   `yaml:"stopped" json:"stopped" default:"false"`
 	StopAfter string `yaml:"stopAfter" json:"stopAfter" default:"5m"`
 }
 type TapConfig struct {
 	Docker                         DockerConfig            `yaml:"docker" json:"docker"`
 	Proxy                          ProxyConfig             `yaml:"proxy" json:"proxy"`
@ -305,7 +310,7 @@ type TapConfig struct {
 	Namespaces                     []string                `yaml:"namespaces" json:"namespaces" default:"[]"`
 	ExcludedNamespaces             []string                `yaml:"excludedNamespaces" json:"excludedNamespaces" default:"[]"`
 	BpfOverride                    string                  `yaml:"bpfOverride" json:"bpfOverride" default:""`
-	Stopped                        bool                    `yaml:"stopped" json:"stopped" default:"false"`
+	Capture                        CaptureConfig           `yaml:"capture" json:"capture"`
 	Release                        ReleaseConfig           `yaml:"release" json:"release"`
 	PersistentStorage              bool                    `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
 	PersistentStorageStatic        bool                    `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@ -138,7 +138,8 @@ Example for overriding image names:
 | `tap.namespaces`                          | Target pods in namespaces                     | `[]`                                                    |
 | `tap.excludedNamespaces`                  | Exclude pods in namespaces                    | `[]`                                                    |
 | `tap.bpfOverride`                         | When using AF_PACKET as a traffic capture backend, override any existing pod targeting rules and set explicit BPF expression (e.g. `net 0.0.0.0/0`).                                                          | `[]`                                                    |
-| `tap.stopped`                             | Set to `false` to have traffic processing start automatically. When set to `true`, traffic processing is stopped by default, resulting in almost no resource consumption (e.g. Kubeshark is dormant). This property can be dynamically control via the dashboard.      | `false`                                                                                                                                                |
+| `tap.capture.stopped`                             | Set to `false` to have traffic processing start automatically. When set to `true`, traffic processing is stopped by default, resulting in almost no resource consumption (e.g. Kubeshark is dormant). This property can be dynamically control via the dashboard.      | `false`                                                                                                                                                |
 | `tap.capture.stopAfter`                             | Set to a duration (e.g. `30s`) to have traffic processing stop after no websocket activity between worker and hub.     | `30s`                                                                                                                                                |
 | `tap.release.repo`                        | URL of the Helm chart repository              | `https://helm.kubeshark.co`                             |
 | `tap.release.name`                        | Helm release name                             | `kubeshark`                                             |
 | `tap.release.namespace`                   | Helm release namespace                        | `default`                                               |
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@ -36,6 +36,8 @@ spec:
            - "8080"
            - -loglevel
            - '{{ .Values.logLevel | default "warning" }}'
            - -capture-stop-after
            - "{{ .Values.tap.capture.stopAfter | default "5m" }}"
            {{- if .Values.tap.gitops.enabled }}
            - -gitops
            {{- end }}
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@ -65,7 +65,7 @@ spec:
            - name: REACT_APP_RECORDING_DISABLED
              value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
            - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
-              value: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.stopped -}}
+              value: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.capture.stopped -}}
                        false
                      {{- else -}}
                        {{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@ -11,7 +11,7 @@ data:
    NAMESPACES: '{{ gt (len .Values.tap.namespaces) 0 | ternary (join "," .Values.tap.namespaces) "" }}'
    EXCLUDED_NAMESPACES: '{{ gt (len .Values.tap.excludedNamespaces) 0 | ternary (join "," .Values.tap.excludedNamespaces) "" }}'
    BPF_OVERRIDE: '{{ .Values.tap.bpfOverride }}'
-    STOPPED: '{{ .Values.tap.stopped | ternary "true" "false" }}'
+    STOPPED: '{{ .Values.tap.capture.stopped | ternary "true" "false" }}'
    SCRIPTING_SCRIPTS: '{}'
    SCRIPTING_ACTIVE_SCRIPTS: '{{ gt (len .Values.scripting.active) 0 | ternary (join "," .Values.scripting.active) "" }}'
    INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}'
@ -55,7 +55,7 @@ data:
    TARGETED_PODS_UPDATE_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
    PRESET_FILTERS_CHANGING_ENABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
    RECORDING_DISABLED: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "" }}'
-    STOP_TRAFFIC_CAPTURING_DISABLED: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.stopped -}}
+    STOP_TRAFFIC_CAPTURING_DISABLED: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.capture.stopped -}}
                                        false
                                      {{- else -}}
                                        {{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@ -26,7 +26,9 @@ tap:
  namespaces: []
  excludedNamespaces: []
  bpfOverride: ""
-  stopped: false
+  capture:
    stopped: false
    stopAfter: 5m
  release:
    repo: https://helm.kubeshark.co
    name: kubeshark