From c837874bbee60208f6b8d1d6555000b9d76bcc1e Mon Sep 17 00:00:00 2001 From: "M. Mert Yildiran" Date: Fri, 2 Aug 2024 18:17:05 +0300 Subject: [PATCH] Add `ENABLED_DISSECTORS` to `ConfigMap` (#1570) Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com> --- config/configStruct.go | 12 ++++++++++++ config/configStructs/tapConfig.go | 1 + helm-chart/templates/12-config-map.yaml | 1 + helm-chart/values.yaml | 11 +++++++++++ manifests/complete.yaml | 6 +++++- 5 files changed, 30 insertions(+), 1 deletion(-) diff --git a/config/configStruct.go b/config/configStruct.go index 34d1f9493..97b42fa0a 100644 --- a/config/configStruct.go +++ b/config/configStruct.go @@ -73,6 +73,18 @@ func CreateDefaultConfig() ConfigStruct { }, }, }, + EnabledDissectors: []string{ + "amqp", + "dns", + "http", + "icmp", + "kafka", + "redis", + "sctp", + "syscall", + "tcp", + "ws", + }, }, } } diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go index 48ba76209..e2748ec4f 100644 --- a/config/configStructs/tapConfig.go +++ b/config/configStructs/tapConfig.go @@ -194,6 +194,7 @@ type TapConfig struct { StopTrafficCapturingDisabled bool `yaml:"stopTrafficCapturingDisabled" json:"stopTrafficCapturingDisabled" default:"false"` Capabilities CapabilitiesConfig `yaml:"capabilities" json:"capabilities"` GlobalFilter string `yaml:"globalFilter" json:"globalFilter"` + EnabledDissectors []string `yaml:"enabledDissectors" json:"enabledDissectors"` Metrics MetricsConfig `yaml:"metrics" json:"metrics"` Misc MiscConfig `yaml:"misc" json:"misc"` } diff --git a/helm-chart/templates/12-config-map.yaml b/helm-chart/templates/12-config-map.yaml index e8287db02..1467f96f0 100644 --- a/helm-chart/templates/12-config-map.yaml +++ b/helm-chart/templates/12-config-map.yaml @@ -45,4 +45,5 @@ data: {{ .Values.cloudLicenseEnabled }} {{- end }}' DUPLICATE_TIMEFRAME: '{{ .Values.tap.misc.duplicateTimeframe }}' + ENABLED_DISSECTORS: '{{ gt (len .Values.tap.enabledDissectors) 0 | ternary (join "," .Values.tap.enabledDissectors) "" }}' diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index c93297e9c..03268b943 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -115,6 +115,17 @@ tap: - SYS_RESOURCE - IPC_LOCK globalFilter: "" + enabledDissectors: + - amqp + - dns + - http + - icmp + - kafka + - redis + - sctp + - syscall + - tcp + - ws metrics: port: 49100 misc: diff --git a/manifests/complete.yaml b/manifests/complete.yaml index 4107c963a..0aad74559 100644 --- a/manifests/complete.yaml +++ b/manifests/complete.yaml @@ -234,11 +234,12 @@ data: AUTH_TYPE: 'oidc' AUTH_SAML_IDP_METADATA_URL: '' AUTH_SAML_ROLE_ATTRIBUTE: 'role' - AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}' + AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canStopTrafficCapturing":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}' TELEMETRY_DISABLED: '' SCRIPTING_DISABLED: '' TARGETED_PODS_UPDATE_DISABLED: '' RECORDING_DISABLED: '' + STOP_TRAFFIC_CAPTURING_DISABLED: 'false' GLOBAL_FILTER: "" TRAFFIC_SAMPLE_RATE: '100' JSON_TTL: '5m' @@ -247,6 +248,7 @@ data: TIMEZONE: ' ' CLOUD_LICENSE_ENABLED: 'true' DUPLICATE_TIMEFRAME: '200ms' + ENABLED_DISSECTORS: 'amqp,dns,http,icmp,kafka,redis,sctp,syscall,tcp,ws' --- # Source: kubeshark/templates/02-cluster-role.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -773,6 +775,8 @@ spec: value: 'false' - name: REACT_APP_RECORDING_DISABLED value: 'false' + - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED + value: 'false' - name: 'REACT_APP_CLOUD_LICENSE_ENABLED' value: 'true' image: 'docker.io/kubeshark/front:v52.3.69'