diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go index 897910e3d..ad94fc256 100644 --- a/config/configStructs/tapConfig.go +++ b/config/configStructs/tapConfig.go @@ -347,6 +347,7 @@ type TapConfig struct { Misc MiscConfig `yaml:"misc" json:"misc"` SecurityContext SecurityContextConfig `yaml:"securityContext" json:"securityContext"` MountBpf bool `yaml:"mountBpf" json:"mountBpf" default:"true"` + CleanupDataDir bool `yaml:"cleanupDataDir" json:"cleanupDataDir" default:"true"` } func (config *TapConfig) PodRegex() *regexp.Regexp { diff --git a/helm-chart/README.md b/helm-chart/README.md index f9675e48a..ba0d4a5f0 100644 --- a/helm-chart/README.md +++ b/helm-chart/README.md @@ -210,6 +210,7 @@ Example for overriding image names: | `tap.metrics.port` | Pod port used to expose Prometheus metrics | `49100` | | `tap.enabledDissectors` | This is an array of strings representing the list of supported protocols. Remove or comment out redundant protocols (e.g., dns).| The default list excludes: `udp` and `tcp` | | `tap.mountBpf` | BPF filesystem needs to be mounted for eBPF to work properly. This helm value determines whether Kubeshark will attempt to mount the filesystem. This option is not required if filesystem is already mounts. │ `true`| +| `tap.cleanupDataDir` | Data directory cleanup is required in case it is not emptyDir. │ `true`| | `tap.gitops.enabled` | Enable GitOps functionality. This will allow you to use GitOps to manage your Kubeshark configuration. | `false` | | `logs.file` | Logs dump path | `""` | | `pcapdump.enabled` | Enable recording of all traffic captured according to other parameters. Whatever Kubeshark captures, considering pod targeting rules, will be stored in pcap files ready to be viewed by tools | `true` | diff --git a/helm-chart/templates/09-worker-daemon-set.yaml b/helm-chart/templates/09-worker-daemon-set.yaml index c71b84e30..5b8250848 100644 --- a/helm-chart/templates/09-worker-daemon-set.yaml +++ b/helm-chart/templates/09-worker-daemon-set.yaml @@ -25,8 +25,10 @@ spec: name: kubeshark-worker-daemon-set namespace: kubeshark spec: - {{- if .Values.tap.mountBpf }} + {{- if or .Values.tap.mountBpf .Values.tap.cleanupDataDir}} initContainers: + {{- end }} + {{- if .Values.tap.mountBpf }} - command: - /bin/sh - -c @@ -45,6 +47,22 @@ spec: name: sys mountPropagation: Bidirectional {{- end }} + {{- if .Values.tap.cleanupDataDir }} + - command: + - /bin/sh + - -c + - rm -rf /app/data/tracer_* + {{- if .Values.tap.docker.overrideTag.worker }} + image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}' + {{ else }} + image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}' + {{- end }} + imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }} + name: cleanup-data-dir + volumeMounts: + - mountPath: /app/data + name: data + {{- end }} containers: - command: - ./worker diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index 72a277c0a..3f1992285 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -230,6 +230,7 @@ tap: - SYS_RESOURCE - IPC_LOCK mountBpf: true + cleanupDataDir: true logs: file: "" grep: ""