cleanup data directory in init container

config/configStructs/tapConfig.go

@@ -347,6 +347,7 @@ type TapConfig struct {
 	Misc                           MiscConfig              `yaml:"misc" json:"misc"`
 	SecurityContext                SecurityContextConfig   `yaml:"securityContext" json:"securityContext"`
 	MountBpf                       bool                    `yaml:"mountBpf" json:"mountBpf" default:"true"`
+	CleanupDataDir                 bool                    `yaml:"cleanupDataDir" json:"cleanupDataDir" default:"true"`
 }
 
 func (config *TapConfig) PodRegex() *regexp.Regexp {

helm-chart/README.md

@@ -210,6 +210,7 @@ Example for overriding image names:
 | `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                  |
 | `tap.enabledDissectors`                   | This is an array of strings representing the list of supported protocols. Remove or comment out redundant protocols (e.g., dns).| The default list excludes: `udp` and `tcp` |
 | `tap.mountBpf`                            | BPF filesystem needs to be mounted for eBPF to work properly. This helm value determines whether Kubeshark will attempt to mount the filesystem. This option is not required if filesystem is already mounts. │ `true`|
+| `tap.cleanupDataDir`                      | Data directory cleanup is required in case it is not emptyDir. │ `true`|
 | `tap.gitops.enabled`                          | Enable GitOps functionality. This will allow you to use GitOps to manage your Kubeshark configuration. | `false` |
 | `logs.file`                               | Logs dump path                      | `""`                                                    |
 | `pcapdump.enabled`                        | Enable recording of all traffic captured according to other parameters. Whatever Kubeshark captures, considering pod targeting rules, will be stored in pcap files ready to be viewed by tools                 | `true`                                                                                                  |

helm-chart/templates/09-worker-daemon-set.yaml

@@ -25,8 +25,10 @@ spec:
       name: kubeshark-worker-daemon-set
       namespace: kubeshark
     spec:
-      {{- if .Values.tap.mountBpf }}
+      {{- if or .Values.tap.mountBpf .Values.tap.cleanupDataDir}}
       initContainers:
+      {{- end }}
+      {{- if .Values.tap.mountBpf }}
         - command:
           - /bin/sh
           - -c
@@ -45,6 +47,22 @@ spec:
             name: sys
             mountPropagation: Bidirectional
       {{- end }}
+      {{- if .Values.tap.cleanupDataDir }}
+        - command:
+          - /bin/sh
+          - -c
+          - rm -rf /app/data/tracer_*
+          {{- if .Values.tap.docker.overrideTag.worker }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{ else }}
+          image: '{{ .Values.tap.docker.registry }}/worker:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}{{ include "kubeshark.dockerTagDebugVersion" . }}'
+        {{- end }}
+          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
+          name: cleanup-data-dir
+          volumeMounts:
+          - mountPath: /app/data
+            name: data
+      {{- end }}
       containers:
         - command:
             - ./worker

helm-chart/values.yaml

@@ -230,6 +230,7 @@ tap:
       - SYS_RESOURCE
       - IPC_LOCK
   mountBpf: true
+  cleanupDataDir: true
 logs:
   file: ""
   grep: ""