diff --git a/Makefile b/Makefile index 531e2fe51..832523ba4 100644 --- a/Makefile +++ b/Makefile @@ -75,75 +75,44 @@ generate-helm-values: ## Generate the Helm values from config.yaml generate-manifests: ## Generate the manifests from the Helm chart using default configuration helm template kubeshark -n default ./helm-chart > ./manifests/complete.yaml -logs-sniffer: +logs-worker: export LOGS_POD_PREFIX=kubeshark-worker- - export LOGS_SUFFIX="-c sniffer" + export LOGS_FOLLOW= ${MAKE} logs -logs-sniffer-follow: +logs-worker-follow: export LOGS_POD_PREFIX=kubeshark-worker- - export LOGS_SUFFIX="-c sniffer --follow" - ${MAKE} logs - -logs-server: - export LOGS_POD_PREFIX=kubeshark-worker- - export LOGS_SUFFIX="-c server" - ${MAKE} logs - -logs-server-follow: - export LOGS_POD_PREFIX=kubeshark-worker- - export LOGS_SUFFIX="-c server --follow" - ${MAKE} logs - -logs-tracer: - export LOGS_POD_PREFIX=kubeshark-worker- - export LOGS_SUFFIX="-c tracer" - ${MAKE} logs - -logs-tracer-follow: - export LOGS_POD_PREFIX=kubeshark-worker- - export LOGS_SUFFIX="-c tracer --follow" + export LOGS_FOLLOW=--follow ${MAKE} logs logs-hub: export LOGS_POD_PREFIX=kubeshark-hub - export LOGS_SUFFIX= + export LOGS_FOLLOW= ${MAKE} logs logs-hub-follow: export LOGS_POD_PREFIX=kubeshark-hub - export LOGS_SUFFIX=--follow + export LOGS_FOLLOW=--follow ${MAKE} logs logs-front: export LOGS_POD_PREFIX=kubeshark-front - export LOGS_SUFFIX= + export LOGS_FOLLOW= ${MAKE} logs logs-front-follow: export LOGS_POD_PREFIX=kubeshark-front - export LOGS_SUFFIX=--follow + export LOGS_FOLLOW=--follow ${MAKE} logs logs: - kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_SUFFIX) + kubectl logs $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) ssh-node: kubectl ssh node $$(kubectl get nodes | awk 'END {print $$1}') -exec-sniffer: +exec-worker: export EXEC_POD_PREFIX=kubeshark-worker- - export EXEC_SUFFIX="-c sniffer" - ${MAKE} exec - -exec-server: - export EXEC_POD_PREFIX=kubeshark-worker- - export EXEC_SUFFIX="-c server" - ${MAKE} exec - -exec-tracer: - export EXEC_POD_PREFIX=kubeshark-worker- - export EXEC_SUFFIX="-c tracer" ${MAKE} exec exec-hub: @@ -155,7 +124,7 @@ exec-front: ${MAKE} exec exec: - kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') $(EXEC_SUFFIX) -- /bin/sh + kubectl exec --stdin --tty $$(kubectl get pods | awk '$$1 ~ /^$(EXEC_POD_PREFIX)/' | awk 'END {print $$1}') -- /bin/sh helm-install: cd helm-chart && helm install kubeshark . && cd .. @@ -182,4 +151,4 @@ proxy: kubeshark proxy port-forward-worker: - kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_SUFFIX) 8897:8897 + kubectl port-forward $$(kubectl get pods | awk '$$1 ~ /^$(LOGS_POD_PREFIX)/' | awk 'END {print $$1}') $(LOGS_FOLLOW) 8897:8897 diff --git a/helm-chart/templates/09-worker-daemon-set.yaml b/helm-chart/templates/09-worker-daemon-set.yaml index 455a17b57..044e90ba8 100644 --- a/helm-chart/templates/09-worker-daemon-set.yaml +++ b/helm-chart/templates/09-worker-daemon-set.yaml @@ -30,6 +30,8 @@ spec: - ./worker - -i - any + - -port + - '{{ .Values.tap.proxy.worker.srvport }}' - -servicemesh - -procfs - /hostproc @@ -76,56 +78,6 @@ spec: - SYS_MODULE drop: - ALL - volumeMounts: - - mountPath: /hostproc - name: proc - readOnly: true - - mountPath: /sys - name: sys - readOnly: true - - mountPath: /app/data - name: data - - command: - - ./worker - - -server-mode - - -port - - '{{ .Values.tap.proxy.worker.srvport }}' - {{ .Values.tap.debug | ternary "- -debug" "" }} - image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.tag }}' - imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }} - name: server - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - envFrom: - - secretRef: - name: kubeshark-secret - {{- if .Values.tap.debug }} - env: - - name: PROFILING_ENABLED - value: "true" - - name: PROFILING_DUMP_PATH - value: "pprof" - - name: PROFILING_INTERVAL_SECONDS - value: "60" - {{- end }} - resources: - limits: - cpu: {{ .Values.tap.resources.worker.limits.cpu }} - memory: {{ .Values.tap.resources.worker.limits.memory }} - requests: - cpu: {{ .Values.tap.resources.worker.requests.cpu }} - memory: {{ .Values.tap.resources.worker.requests.memory }} - securityContext: - capabilities: - drop: - - ALL readinessProbe: periodSeconds: 1 failureThreshold: 3 @@ -147,8 +99,10 @@ spec: - mountPath: /sys name: sys readOnly: true + {{- if .Values.tap.persistentstorage }} - mountPath: /app/data - name: data + name: kubeshark-persistent-volume + {{- end }} {{- if .Values.tap.tls }} - command: - ./tracer @@ -193,8 +147,10 @@ spec: - mountPath: /sys name: sys readOnly: true + {{- if .Values.tap.persistentstorage }} - mountPath: /app/data - name: data + name: kubeshark-persistent-volume + {{- end }} {{- end }} dnsPolicy: ClusterFirstWithHostNet hostNetwork: true @@ -221,8 +177,8 @@ spec: - hostPath: path: /sys name: sys - - name: data {{- if .Values.tap.persistentstorage }} + - name: kubeshark-persistent-volume persistentVolumeClaim: claimName: kubeshark-persistent-volume-claim {{- else }}