EFS persistent volume helm deployment support (#1455)

* EFS persistent volume docs/14 EFS static and dynamic provision added to default * Update helm-chart/values.yaml Co-authored-by: M. Mert Yildiran <mehmetmertyildiran@gmail.com> * Update helm-chart/templates/08-persistent-volume-claim.yaml Co-authored-by: M. Mert Yildiran <mehmetmertyildiran@gmail.com> * Update config/configStructs/tapConfig.go Fix format Co-authored-by: M. Mert Yildiran <mehmetmertyildiran@gmail.com> * Fix format config/configStructs/tapConfig.go Co-authored-by: M. Mert Yildiran <mehmetmertyildiran@gmail.com> * Improve formatting --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com> Co-authored-by: M. Mert Yildiran <mehmetmertyildiran@gmail.com>
2025-09-02 19:15:26 +00:00 · 2023-12-11 19:52:58 +01:00
parent 510d5e5ed8
commit d3c21a07bb
5 changed files with 75 additions and 44 deletions
--- a/cmd/tap.go
+++ b/cmd/tap.go
@@ -50,6 +50,8 @@ func init() {
 	tapCmd.Flags().StringSliceP(configStructs.NamespacesLabel, "n", defaultTapConfig.Namespaces, "Namespaces selector")
 	tapCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
 	tapCmd.Flags().Bool(configStructs.PersistentStorageLabel, defaultTapConfig.PersistentStorage, "Enable persistent storage (PersistentVolumeClaim)")
 	tapCmd.Flags().Bool(configStructs.PersistentStorageStaticLabel, defaultTapConfig.PersistentStorageStatic, "Persistent storage static provision")
 	tapCmd.Flags().Bool(configStructs.EfsFileSytemIdAndPathLabel, defaultTapConfig.EfsFileSytemIdAndPath, "EFS file system ID")
 	tapCmd.Flags().String(configStructs.StorageLimitLabel, defaultTapConfig.StorageLimit, "Override the default storage limit (per node)")
 	tapCmd.Flags().String(configStructs.StorageClassLabel, defaultTapConfig.StorageClass, "Override the default storage class of the PersistentVolumeClaim (per node)")
 	tapCmd.Flags().Bool(configStructs.DryRunLabel, defaultTapConfig.DryRun, "Preview of all pods matching the regex, without tapping them")
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -9,28 +9,30 @@ import (
 )
 const (
-	DockerRegistryLabel    = "docker-registry"
+	DockerRegistryLabel          = "docker-registry"
-	DockerTagLabel         = "docker-tag"
+	DockerTagLabel               = "docker-tag"
-	DockerImagePullPolicy  = "docker-imagePullPolicy"
+	DockerImagePullPolicy        = "docker-imagePullPolicy"
-	DockerImagePullSecrets = "docker-imagePullSecrets"
+	DockerImagePullSecrets       = "docker-imagePullSecrets"
-	ProxyFrontPortLabel    = "proxy-front-port"
+	ProxyFrontPortLabel          = "proxy-front-port"
-	ProxyHubPortLabel      = "proxy-hub-port"
+	ProxyHubPortLabel            = "proxy-hub-port"
-	ProxyHostLabel         = "proxy-host"
+	ProxyHostLabel               = "proxy-host"
-	NamespacesLabel        = "namespaces"
+	NamespacesLabel              = "namespaces"
-	ReleaseNamespaceLabel  = "release-namespace"
+	ReleaseNamespaceLabel        = "release-namespace"
-	PersistentStorageLabel = "persistentStorage"
+	PersistentStorageLabel       = "persistentStorage"
-	StorageLimitLabel      = "storageLimit"
+	PersistentStorageStaticLabel = "persistentStorageStatic"
-	StorageClassLabel      = "storageClass"
+	EfsFileSytemIdAndPathLabel   = "efsFileSytemIdAndPath"
-	DryRunLabel            = "dryRun"
+	StorageLimitLabel            = "storageLimit"
-	PcapLabel              = "pcap"
+	StorageClassLabel            = "storageClass"
-	ServiceMeshLabel       = "serviceMesh"
+	DryRunLabel                  = "dryRun"
-	TlsLabel               = "tls"
+	PcapLabel                    = "pcap"
-	IgnoreTaintedLabel     = "ignoreTainted"
+	ServiceMeshLabel             = "serviceMesh"
-	IngressEnabledLabel    = "ingress-enabled"
+	TlsLabel                     = "tls"
-	TelemetryEnabledLabel  = "telemetry-enabled"
+	IgnoreTaintedLabel           = "ignoreTainted"
-	DebugLabel             = "debug"
+	IngressEnabledLabel          = "ingress-enabled"
-	ContainerPort          = 80
+	TelemetryEnabledLabel        = "telemetry-enabled"
-	ContainerPortStr       = "80"
+	DebugLabel                   = "debug"
 	ContainerPort                = 80
 	ContainerPortStr             = "80"
 )
 type ResourceLimits struct {
@@ -105,28 +107,30 @@ type TelemetryConfig struct {
 }
 type TapConfig struct {
-	Docker            DockerConfig          `yaml:"docker" json:"docker"`
+	Docker                  DockerConfig          `yaml:"docker" json:"docker"`
-	Proxy             ProxyConfig           `yaml:"proxy" json:"proxy"`
+	Proxy                   ProxyConfig           `yaml:"proxy" json:"proxy"`
-	PodRegexStr       string                `yaml:"regex" json:"regex" default:".*"`
+	PodRegexStr             string                `yaml:"regex" json:"regex" default:".*"`
-	Namespaces        []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
+	Namespaces              []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
-	Release           ReleaseConfig         `yaml:"release" json:"release"`
+	Release                 ReleaseConfig         `yaml:"release" json:"release"`
-	PersistentStorage bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
+	PersistentStorage       bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
-	StorageLimit      string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
+	PersistentStorageStatic bool                  `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
-	StorageClass      string                `yaml:"storageClass" json:"storageClass" default:"standard"`
+	EfsFileSytemIdAndPath   bool                  `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
-	DryRun            bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
+	StorageLimit            string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
-	Resources         ResourcesConfig       `yaml:"resources" json:"resources"`
+	StorageClass            string                `yaml:"storageClass" json:"storageClass" default:"standard"`
-	ServiceMesh       bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
+	DryRun                  bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
-	Tls               bool                  `yaml:"tls" json:"tls" default:"true"`
+	Resources               ResourcesConfig       `yaml:"resources" json:"resources"`
-	IgnoreTainted     bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
+	ServiceMesh             bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
-	Labels            map[string]string     `yaml:"labels" json:"labels" default:"{}"`
+	Tls                     bool                  `yaml:"tls" json:"tls" default:"true"`
-	Annotations       map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
+	IgnoreTainted           bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
-	NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
+	Labels                  map[string]string     `yaml:"labels" json:"labels" default:"{}"`
-	Auth              AuthConfig            `yaml:"auth" json:"auth"`
+	Annotations             map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
-	Ingress           IngressConfig         `yaml:"ingress" json:"ingress"`
+	NodeSelectorTerms       []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
-	IPv6              bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
+	Auth                    AuthConfig            `yaml:"auth" json:"auth"`
-	Debug             bool                  `yaml:"debug" json:"debug" default:"false"`
+	Ingress                 IngressConfig         `yaml:"ingress" json:"ingress"`
-	NoKernelModule    bool                  `yaml:"noKernelModule" json:"noKernelModule" default:"false"`
+	IPv6                    bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
-	Telemetry         TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
+	Debug                   bool                  `yaml:"debug" json:"debug" default:"false"`
 	NoKernelModule          bool                  `yaml:"noKernelModule" json:"noKernelModule" default:"false"`
 	Telemetry               TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
 }
 func (config *TapConfig) PodRegex() *regexp.Regexp {
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -122,6 +122,8 @@ helm install kubeshark kubeshark/kubeshark \
 | `tap.release.name`                        | Helm release name                          | `kubeshark`                                             |
 | `tap.release.namespace`                   | Helm release namespace                | `default`                                               |
 | `tap.persistentStorage`                   | Use `persistentVolumeClaim` instead of `emptyDir` | `false`                                                |
 | `tap.persistentStorageStatic`             | Use static persistent volume provisioning (explicitly defined `PersistentVolume` ) | `false`                                                      |
 | `tap.efsFileSytemIdAndPath`               | [EFS file system ID and, optionally, subpath and/or access point](https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/examples/kubernetes/access_points/README.md) `<FileSystemId>:<Path>:<AccessPointId>`     | ""                                                           |
 | `tap.storageLimit`                        | Limit of either the `emptyDir` or `persistentVolumeClaim`                  | `500Mi`                                                 |
 | `tap.storageClass`                        | Storage class of the `PersistentVolumeClaim`          | `standard`                                              |
 | `tap.dryRun`                              | Preview of all pods matching the regex, without tapping them                    | `false`                                                 |
--- a/helm-chart/templates/08-persistent-volume-claim.yaml
+++ b/helm-chart/templates/08-persistent-volume-claim.yaml
@@ -1,4 +1,25 @@
 ---
 {{- if .Values.tap.persistentStorageStatic }}
 apiVersion: v1
 kind: PersistentVolume
 metadata:
  name: kubeshark-persistent-volume
  namespace: {{ .Release.Namespace }}
 spec:
  capacity:
    storage: {{ .Values.tap.storageLimit }}
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  storageClassName: {{ .Values.tap.storageClass }}
  {{- if .Values.tap.efsFileSytemIdAndPath }}
  csi:
    driver: efs.csi.aws.com
    volumeHandle: {{ .Values.tap.efsFileSytemIdAndPath }}
  {{ end }}
 ---
 {{ end }}
 {{- if .Values.tap.persistentStorage }}
 apiVersion: v1
 kind: PersistentVolumeClaim
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -19,6 +19,8 @@ tap:
    name: kubeshark
    namespace: default
  persistentStorage: false
  persistentStorageStatic: false
  efsFileSytemIdAndPath: ""
  storageLimit: 500Mi
  storageClass: standard
  dryRun: false