diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml index cb875706d..e2807adee 100644 --- a/helm-chart/Chart.yaml +++ b/helm-chart/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: kubeshark -version: "52.3.96" +version: "52.4" description: The API Traffic Analyzer for Kubernetes home: https://kubeshark.co keywords: diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index 418f29650..257f8c298 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -76,7 +76,6 @@ tap: failureThreshold: 3 serviceMesh: true tls: true - mountBpf: true disableTlsLog: true packetCapture: best ignoreTainted: false diff --git a/manifests/complete.yaml b/manifests/complete.yaml index 4cdabd011..8db5b820e 100644 --- a/manifests/complete.yaml +++ b/manifests/complete.yaml @@ -4,10 +4,10 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub-network-policy @@ -34,10 +34,10 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front-network-policy @@ -61,10 +61,10 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-worker-network-policy @@ -90,10 +90,10 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-service-account @@ -107,10 +107,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm stringData: LICENSE: '' @@ -124,10 +124,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm stringData: AUTH_SAML_X509_CRT: | @@ -140,10 +140,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm stringData: AUTH_SAML_X509_KEY: | @@ -155,10 +155,10 @@ metadata: name: kubeshark-nginx-config-map namespace: default labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm data: default.conf: | @@ -219,10 +219,10 @@ metadata: namespace: default labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm data: POD_REGEX: '.*' @@ -270,10 +270,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-cluster-role-default @@ -318,10 +318,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-cluster-role-binding-default @@ -340,10 +340,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-self-config-role @@ -370,10 +370,10 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-self-config-role-binding @@ -393,10 +393,10 @@ kind: Service metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub @@ -415,10 +415,10 @@ apiVersion: v1 kind: Service metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front @@ -437,10 +437,10 @@ kind: Service apiVersion: v1 metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: prometheus.io/scrape: 'true' @@ -450,10 +450,10 @@ metadata: spec: selector: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm ports: - name: metrics @@ -466,10 +466,10 @@ kind: Service apiVersion: v1 metadata: labels: - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: prometheus.io/scrape: 'true' @@ -479,10 +479,10 @@ metadata: spec: selector: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm ports: - name: metrics @@ -497,10 +497,10 @@ metadata: labels: app.kubeshark.co/app: worker sidecar.istio.io/inject: "false" - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-worker-daemon-set @@ -515,39 +515,14 @@ spec: metadata: labels: app.kubeshark.co/app: worker - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm name: kubeshark-worker-daemon-set namespace: kubeshark spec: - initContainers: - - command: - - /bin/sh - - -c - - mkdir -p /sys/fs/bpf && mount | grep -q '/sys/fs/bpf' || mount -t bpf bpf /sys/fs/bpf - image: 'docker.io/kubeshark/worker:v52.3.96' - imagePullPolicy: Always - name: check-bpf - securityContext: - privileged: true - volumeMounts: - - mountPath: /sys - name: sys - mountPropagation: Bidirectional - - command: - - ./tracer - - -init-bpf - image: 'docker.io/kubeshark/worker:v52.3.96' - imagePullPolicy: Always - name: init-bpf - securityContext: - privileged: true - volumeMounts: - - mountPath: /sys - name: sys containers: - command: - ./worker @@ -561,7 +536,6 @@ spec: - 'best' - -loglevel - 'warning' - - -unixsocket - -servicemesh - -procfs - /hostproc @@ -569,7 +543,7 @@ spec: - 'auto' - -staletimeout - '30' - image: 'docker.io/kubeshark/worker:v52.3.96' + image: 'docker.io/kubeshark/worker:v52.4' imagePullPolicy: Always name: sniffer ports: @@ -611,19 +585,7 @@ spec: memory: 50Mi securityContext: - capabilities: - add: - - NET_RAW - - NET_ADMIN - - SYS_ADMIN - - SYS_PTRACE - - DAC_OVERRIDE - - SYS_ADMIN - - SYS_PTRACE - - SYS_RESOURCE - - IPC_LOCK - drop: - - ALL + privileged: true readinessProbe: periodSeconds: 10 failureThreshold: 3 @@ -645,6 +607,7 @@ spec: - mountPath: /sys name: sys readOnly: true + mountPropagation: HostToContainer - mountPath: /app/data name: data - command: @@ -652,9 +615,9 @@ spec: - -procfs - /hostproc - -disable-tls-log - # - -loglevel - # - 'warning' - image: 'docker.io/kubeshark/worker:v52.3.96' + - -loglevel + - 'warning' + image: 'docker.io/kubeshark/worker:v52.4' imagePullPolicy: Always name: tracer env: @@ -686,16 +649,7 @@ spec: memory: 50Mi securityContext: - capabilities: - add: - - SYS_ADMIN - - SYS_PTRACE - - SYS_RESOURCE - - IPC_LOCK - - NET_RAW - - NET_ADMIN - drop: - - ALL + privileged: true volumeMounts: - mountPath: /hostproc name: proc @@ -703,6 +657,7 @@ spec: - mountPath: /sys name: sys readOnly: true + mountPropagation: HostToContainer - mountPath: /app/data name: data - mountPath: /etc/os-release @@ -756,10 +711,10 @@ kind: Deployment metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-hub @@ -775,10 +730,10 @@ spec: metadata: labels: app.kubeshark.co/app: hub - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm spec: dnsPolicy: ClusterFirstWithHostNet @@ -808,7 +763,7 @@ spec: value: 'https://api.kubeshark.co' - name: PROFILING_ENABLED value: 'false' - image: 'docker.io/kubeshark/hub:v52.3.96' + image: 'docker.io/kubeshark/hub:v52.4' imagePullPolicy: Always readinessProbe: periodSeconds: 10 @@ -871,10 +826,10 @@ kind: Deployment metadata: labels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm annotations: name: kubeshark-front @@ -890,10 +845,10 @@ spec: metadata: labels: app.kubeshark.co/app: front - helm.sh/chart: kubeshark-52.3.96 + helm.sh/chart: kubeshark-52.4 app.kubernetes.io/name: kubeshark app.kubernetes.io/instance: kubeshark - app.kubernetes.io/version: "52.3.96" + app.kubernetes.io/version: "52.4" app.kubernetes.io/managed-by: Helm spec: containers: @@ -928,7 +883,7 @@ spec: value: 'false' - name: REACT_APP_SENTRY_ENVIRONMENT value: 'production' - image: 'docker.io/kubeshark/front:v52.3.96' + image: 'docker.io/kubeshark/front:v52.4' imagePullPolicy: Always name: kubeshark-front livenessProbe: