diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml index 0486dd476..bb14f6a03 100644 --- a/helm-chart/Chart.yaml +++ b/helm-chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: kubeshark -version: "52.1.66" +version: "52.1.75" description: The API Traffic Analyzer for Kubernetes home: https://kubeshark.co keywords: diff --git a/manifests/complete.yaml b/manifests/complete.yaml index 3058b1664..fa8011dd1 100644 --- a/manifests/complete.yaml +++ b/manifests/complete.yaml @@ -1,13 +1,75 @@ --- +# Source: kubeshark/templates/16-network-policies.yaml +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: kubeshark-hub-network-policy + namespace: default +spec: + podSelector: + matchLabels: + app.kubeshark.co/app: hub + policyTypes: + - Ingress + - Egress + ingress: + - ports: + - protocol: TCP + port: 8080 + egress: + - {} +--- +# Source: kubeshark/templates/16-network-policies.yaml +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: kubeshark-front-network-policy + namespace: default +spec: + podSelector: + matchLabels: + app.kubeshark.co/app: front + policyTypes: + - Ingress + - Egress + ingress: + - ports: + - protocol: TCP + port: 8080 + egress: + - {} +--- +# Source: kubeshark/templates/16-network-policies.yaml +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: kubeshark-worker-network-policy + namespace: default +spec: + podSelector: + matchLabels: + app.kubeshark.co/app: worker + policyTypes: + - Ingress + - Egress + ingress: + - ports: + - protocol: TCP + port: 30001 + - protocol: TCP + port: 49100 + egress: + - {} +--- # Source: kubeshark/templates/01-service-account.yaml apiVersion: v1 kind: ServiceAccount metadata: labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-service-account @@ -21,10 +83,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm stringData: LICENSE: '' @@ -38,10 +100,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm stringData: AUTH_SAML_X509_CRT: | @@ -54,10 +116,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm stringData: AUTH_SAML_X509_KEY: | @@ -69,16 +131,16 @@ metadata: name: kubeshark-nginx-config-map namespace: default labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm data: default.conf: | server { - listen 80; - listen [::]:80; + listen 8080; + listen [::]:8080; access_log /dev/stdout; error_log /dev/stdout; @@ -133,10 +195,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm data: POD_REGEX: '.*' @@ -166,10 +228,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-cluster-role-default @@ -194,10 +256,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-cluster-role-binding-default @@ -216,10 +278,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-self-config-role @@ -245,10 +307,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-self-config-role-binding @@ -268,10 +330,10 @@ kind: Service metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub @@ -280,7 +342,7 @@ spec: ports: - name: kubeshark-hub port: 80 - targetPort: 80 + targetPort: 8080 selector: app.kubeshark.co/app: hub type: ClusterIP @@ -290,10 +352,10 @@ apiVersion: v1 kind: Service metadata: labels: - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front @@ -302,7 +364,7 @@ spec: ports: - name: kubeshark-front port: 80 - targetPort: 80 + targetPort: 8080 selector: app.kubeshark.co/app: front type: ClusterIP @@ -319,10 +381,10 @@ metadata: spec: selector: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm ports: - name: metrics @@ -337,10 +399,10 @@ metadata: labels: app.kubeshark.co/app: worker sidecar.istio.io/inject: "false" - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-worker-daemon-set @@ -349,19 +411,19 @@ spec: selector: matchLabels: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm template: metadata: labels: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm name: kubeshark-worker-daemon-set namespace: kubeshark @@ -393,7 +455,7 @@ spec: - -procfs - /hostproc - -kernel-module - image: 'docker.io/kubeshark/worker:v52.1.66' + image: 'docker.io/kubeshark/worker:v52.1.75' imagePullPolicy: Always name: sniffer ports: @@ -457,7 +519,7 @@ spec: - ./tracer - -procfs - /hostproc - image: 'docker.io/kubeshark/worker:v52.1.66' + image: 'docker.io/kubeshark/worker:v52.1.75' imagePullPolicy: Always name: tracer env: @@ -532,10 +594,10 @@ kind: Deployment metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub @@ -545,19 +607,19 @@ spec: selector: matchLabels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm template: metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm spec: dnsPolicy: ClusterFirstWithHostNet @@ -566,6 +628,8 @@ spec: - name: kubeshark-hub command: - ./hub + - -port + - "8080" env: - name: POD_NAME valueFrom: @@ -577,7 +641,7 @@ spec: fieldPath: metadata.namespace - name: KUBESHARK_CLOUD_API_URL value: 'https://api.kubeshark.co' - image: 'docker.io/kubeshark/hub:v52.1.66' + image: 'docker.io/kubeshark/hub:v52.1.75' imagePullPolicy: Always readinessProbe: periodSeconds: 1 @@ -585,14 +649,14 @@ spec: successThreshold: 1 initialDelaySeconds: 3 tcpSocket: - port: 80 + port: 8080 livenessProbe: periodSeconds: 1 failureThreshold: 3 successThreshold: 1 initialDelaySeconds: 3 tcpSocket: - port: 80 + port: 8080 resources: limits: cpu: 750m @@ -625,10 +689,10 @@ kind: Deployment metadata: labels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front @@ -638,19 +702,19 @@ spec: selector: matchLabels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm template: metadata: labels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.1.66 + helm.sh/chart: kubeshark-52.1.75 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.1.66" + app.kubernetes.io/version: "52.1.75" app.kubernetes.io/managed-by: Helm spec: containers: @@ -671,7 +735,7 @@ spec: value: 'false' - name: REACT_APP_RECORDING_DISABLED value: 'false' - image: 'docker.io/kubeshark/front:v52.1.66' + image: 'docker.io/kubeshark/front:v52.1.75' imagePullPolicy: Always name: kubeshark-front livenessProbe: @@ -680,14 +744,14 @@ spec: successThreshold: 1 initialDelaySeconds: 3 tcpSocket: - port: 80 + port: 8080 readinessProbe: periodSeconds: 1 failureThreshold: 3 successThreshold: 1 initialDelaySeconds: 3 tcpSocket: - port: 80 + port: 8080 timeoutSeconds: 1 resources: limits: