diff --git a/Makefile b/Makefile index fc787c68a..712e2d542 100644 --- a/Makefile +++ b/Makefile @@ -89,16 +89,34 @@ generate-helm-values: ## Generate the Helm values from config.yaml generate-manifests: ## Generate the manifests from the Helm chart using default configuration helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml -logs-worker: +logs-sniffer: export LOGS_POD_PREFIX=kubeshark-worker- + export LOGS_CONTAINER='-c sniffer' export LOGS_FOLLOW= ${MAKE} logs -logs-worker-follow: +logs-sniffer-follow: export LOGS_POD_PREFIX=kubeshark-worker- + export LOGS_CONTAINER='-c sniffer' export LOGS_FOLLOW=--follow ${MAKE} logs +logs-tracer: + export LOGS_POD_PREFIX=kubeshark-worker- + export LOGS_CONTAINER='-c tracer' + export LOGS_FOLLOW= + ${MAKE} logs + +logs-tracer-follow: + export LOGS_POD_PREFIX=kubeshark-worker- + export LOGS_CONTAINER='-c tracer' + export LOGS_FOLLOW=--follow + ${MAKE} logs + +logs-worker: logs-sniffer + +logs-worker-follow: logs-sniffer-follow + logs-hub: export LOGS_POD_PREFIX=kubeshark-hub export LOGS_FOLLOW= @@ -120,7 +138,7 @@ logs-front-follow: ${MAKE} logs logs: - kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) + kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_CONTAINER) $(LOGS_FOLLOW) ssh-node: kubectl ssh node $$(kubectl get nodes | awk 'END {print $$1}') @@ -141,22 +159,13 @@ exec: kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') -- /bin/sh helm-install: - cd helm-chart && helm install kubeshark . && cd .. - -helm-install-canary: - cd helm-chart && helm install kubeshark . --set tap.docker.tag=canary && cd .. - -helm-install-dev: - cd helm-chart && helm install kubeshark . --set tap.docker.tag=dev && cd .. + cd helm-chart && helm install kubeshark . --set tap.docker.tag=$(TAG) && cd .. helm-install-debug: - cd helm-chart && helm install kubeshark . --set tap.debug=true && cd .. + cd helm-chart && helm install kubeshark . --set tap.docker.tag=$(TAG) --set tap.debug=true && cd .. -helm-install-debug-canary: - cd helm-chart && helm install kubeshark . --set tap.debug=true --set tap.docker.tag=canary && cd .. - -helm-install-debug-dev: - cd helm-chart && helm install kubeshark . --set tap.debug=true --set tap.docker.tag=dev && cd .. +helm-install-profile: + cd helm-chart && helm install kubeshark . --set tap.docker.tag=$(TAG) --set tap.misc.profile=true && cd .. helm-uninstall: helm uninstall kubeshark @@ -164,8 +173,8 @@ helm-uninstall: proxy: kubeshark proxy -port-forward-worker: - kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) 30001:30001 +port-forward: + kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(POD_PREFIX)/' | awk 'END {print $$1}') $(SRC_PORT):$(DST_PORT) release: @cd ../worker && git checkout master && git pull && git tag -d v$(VERSION); git tag v$(VERSION) && git push origin --tags diff --git a/cmd/pro.go b/cmd/pro.go index da985ee65..b343b2213 100644 --- a/cmd/pro.go +++ b/cmd/pro.go @@ -132,7 +132,11 @@ func runLicenseRecieverServer() { log.Info().Msg("Alternatively enter your license key:") var licenseKey string - fmt.Scanf("%s", &licenseKey) + _, err := fmt.Scanf("%s", &licenseKey) + if err != nil { + log.Error().Err(err).Send() + return + } updateLicense(licenseKey) } diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go index 2f38ae63d..c24beb0bc 100644 --- a/config/configStructs/tapConfig.go +++ b/config/configStructs/tapConfig.go @@ -154,7 +154,8 @@ type MiscConfig struct { TrafficSampleRate int `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"` TcpStreamChannelTimeoutMs int `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"` TcpStreamChannelTimeoutShow bool `yaml:"tcpStreamChannelTimeoutShow" json:"tcpStreamChannelTimeoutShow" default:"false"` - DisableCgroupIdResolution bool `yaml:"disableCgroupIdResolution" json:"disableCgroupIdResolution" default:"false"` + ResolutionStrategy string `yaml:"resolutionStrategy" json:"resolutionStrategy" default:"auto"` + Profile bool `yaml:"profile" json:"profile" default:"false"` } type TapConfig struct { diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml index a494479c5..f11913415 100644 --- a/helm-chart/Chart.yaml +++ b/helm-chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: kubeshark -version: "52.3.59" +version: "52.3.62" description: The API Traffic Analyzer for Kubernetes home: https://kubeshark.co keywords: diff --git a/helm-chart/templates/09-worker-daemon-set.yaml b/helm-chart/templates/09-worker-daemon-set.yaml index d8f4a9cd9..87fb5b235 100644 --- a/helm-chart/templates/09-worker-daemon-set.yaml +++ b/helm-chart/templates/09-worker-daemon-set.yaml @@ -65,9 +65,8 @@ spec: {{- if ne .Values.tap.packetCapture "ebpf" }} - -disable-ebpf {{- end }} - {{- if .Values.tap.misc.disableCgroupIdResolution }} - - -disable-cgroup-id-resolution - {{- end }} + - -resolution-strategy + - '{{ .Values.tap.misc.resolutionStrategy }}' {{- if .Values.tap.debug }} - -debug - -dumptracer @@ -99,6 +98,8 @@ spec: value: '{{ .Values.tap.misc.tcpStreamChannelTimeoutShow }}' - name: KUBESHARK_CLOUD_API_URL value: 'https://api.kubeshark.co' + - name: PROFILING_ENABLED + value: '{{ .Values.tap.misc.profile }}' resources: limits: cpu: {{ .Values.tap.resources.sniffer.limits.cpu }} diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index c921976e7..be9144a1e 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -122,7 +122,8 @@ tap: trafficSampleRate: 100 tcpStreamChannelTimeoutMs: 10000 tcpStreamChannelTimeoutShow: false - disableCgroupIdResolution: false + resolutionStrategy: auto + profile: false logs: file: "" grep: "" diff --git a/manifests/complete.yaml b/manifests/complete.yaml index 458a6ecf8..63cbe0299 100644 --- a/manifests/complete.yaml +++ b/manifests/complete.yaml @@ -66,10 +66,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-service-account @@ -83,10 +83,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm stringData: LICENSE: '' @@ -100,10 +100,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm stringData: AUTH_SAML_X509_CRT: | @@ -116,10 +116,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm stringData: AUTH_SAML_X509_KEY: | @@ -131,10 +131,10 @@ metadata: name: kubeshark-nginx-config-map namespace: default labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm data: default.conf: | @@ -195,10 +195,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm data: POD_REGEX: '.*' @@ -230,10 +230,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-cluster-role-default @@ -267,10 +267,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-cluster-role-binding-default @@ -289,10 +289,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-self-config-role @@ -318,10 +318,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-self-config-role-binding @@ -341,10 +341,10 @@ kind: Service metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub @@ -363,10 +363,10 @@ apiVersion: v1 kind: Service metadata: labels: - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front @@ -392,10 +392,10 @@ metadata: spec: selector: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm ports: - name: metrics @@ -410,10 +410,10 @@ metadata: labels: app.kubeshark.co/app: worker sidecar.istio.io/inject: "false" - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-worker-daemon-set @@ -428,27 +428,14 @@ spec: metadata: labels: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm name: kubeshark-worker-daemon-set namespace: kubeshark spec: - initContainers: - - name: load-pf-ring - image: kubeshark/pf-ring-module:all - imagePullPolicy: Always - securityContext: - capabilities: - add: - - SYS_MODULE - drop: - - ALL - volumeMounts: - - name: lib-modules - mountPath: /lib/modules containers: - command: - ./worker @@ -464,8 +451,10 @@ spec: - -servicemesh - -procfs - /hostproc - - -kernel-module - image: 'docker.io/kubeshark/worker:v52.3.59' + - -disable-ebpf + - -resolution-strategy + - 'auto' + image: 'docker.io/kubeshark/worker:v52.3.62' imagePullPolicy: Always name: sniffer ports: @@ -487,6 +476,8 @@ spec: value: 'false' - name: KUBESHARK_CLOUD_API_URL value: 'https://api.kubeshark.co' + - name: PROFILING_ENABLED + value: 'false' resources: limits: cpu: 750m @@ -531,7 +522,8 @@ spec: - ./tracer - -procfs - /hostproc - image: 'docker.io/kubeshark/worker:v52.3.59' + - -disable-ebpf + image: 'docker.io/kubeshark/worker:v52.3.62' imagePullPolicy: Always name: tracer env: @@ -614,10 +606,10 @@ kind: Deployment metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub @@ -633,10 +625,10 @@ spec: metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm spec: dnsPolicy: ClusterFirstWithHostNet @@ -658,7 +650,7 @@ spec: fieldPath: metadata.namespace - name: KUBESHARK_CLOUD_API_URL value: 'https://api.kubeshark.co' - image: 'docker.io/kubeshark/hub:v52.3.59' + image: 'docker.io/kubeshark/hub:v52.3.62' imagePullPolicy: Always readinessProbe: periodSeconds: 1 @@ -706,10 +698,10 @@ kind: Deployment metadata: labels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front @@ -725,10 +717,10 @@ spec: metadata: labels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.3.59 + helm.sh/chart: kubeshark-52.3.62 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.59" + app.kubernetes.io/version: "52.3.62" app.kubernetes.io/managed-by: Helm spec: containers: @@ -753,7 +745,7 @@ spec: value: 'false' - name: 'REACT_APP_CLOUD_LICENSE_ENABLED' value: 'true' - image: 'docker.io/kubeshark/front:v52.3.59' + image: 'docker.io/kubeshark/front:v52.3.62' imagePullPolicy: Always name: kubeshark-front livenessProbe: