mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-07-16 17:31:58 +00:00
Make node selector component specific (#1694)
* Make node selector component specific * Update templates --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
This commit is contained in:
Volodymyr Stoiko
GitHub
parent
aa7c8f36f5
commit
ef17eb9fbe
@ -16,7 +16,8 @@ const (
|
||||
func CreateDefaultConfig() ConfigStruct {
|
||||
return ConfigStruct{
|
||||
Tap: configStructs.TapConfig{
|
||||
NodeSelectorTerms: []v1.NodeSelectorTerm{
|
||||
NodeSelectorTerms: configStructs.NodeSelectorTermsConfig{
|
||||
Workers: []v1.NodeSelectorTerm{
|
||||
{
|
||||
MatchExpressions: []v1.NodeSelectorRequirement{
|
||||
{
|
||||
@ -27,6 +28,29 @@ func CreateDefaultConfig() ConfigStruct {
|
||||
},
|
||||
},
|
||||
},
|
||||
Hub: []v1.NodeSelectorTerm{
|
||||
{
|
||||
MatchExpressions: []v1.NodeSelectorRequirement{
|
||||
{
|
||||
Key: "kubernetes.io/os",
|
||||
Operator: v1.NodeSelectorOpIn,
|
||||
Values: []string{"linux"},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
Front: []v1.NodeSelectorTerm{
|
||||
{
|
||||
MatchExpressions: []v1.NodeSelectorRequirement{
|
||||
{
|
||||
Key: "kubernetes.io/os",
|
||||
Operator: v1.NodeSelectorOpIn,
|
||||
Values: []string{"linux"},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
Capabilities: configStructs.CapabilitiesConfig{
|
||||
NetworkCapture: []string{
|
||||
// NET_RAW is required to listen the network traffic
|
||||
|
||||
@ -122,6 +122,12 @@ type ProbesConfig struct {
|
||||
Sniffer ProbeConfig `yaml:"sniffer" json:"sniffer"`
|
||||
}
|
||||
|
||||
type NodeSelectorTermsConfig struct {
|
||||
Hub []v1.NodeSelectorTerm `yaml:"hub" json:"hub" default:"[]"`
|
||||
Workers []v1.NodeSelectorTerm `yaml:"workers" json:"workers" default:"[]"`
|
||||
Front []v1.NodeSelectorTerm `yaml:"front" json:"front" default:"[]"`
|
||||
}
|
||||
|
||||
type ProbeConfig struct {
|
||||
InitialDelaySeconds int `yaml:"initialDelaySeconds" json:"initialDelaySeconds" default:"15"`
|
||||
PeriodSeconds int `yaml:"periodSeconds" json:"periodSeconds" default:"10"`
|
||||
@ -247,7 +253,7 @@ type TapConfig struct {
|
||||
IgnoreTainted bool `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
|
||||
Labels map[string]string `yaml:"labels" json:"labels" default:"{}"`
|
||||
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
|
||||
NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
|
||||
NodeSelectorTerms NodeSelectorTermsConfig `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"{}"`
|
||||
Auth AuthConfig `yaml:"auth" json:"auth"`
|
||||
Ingress IngressConfig `yaml:"ingress" json:"ingress"`
|
||||
IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"`
|
||||
|
||||
@ -174,7 +174,9 @@ Example for overriding image names:
|
||||
| `tap.ignoreTainted` | Whether to ignore tainted nodes | `false` |
|
||||
| `tap.labels` | Kubernetes labels to apply to all Kubeshark resources | `{}` |
|
||||
| `tap.annotations` | Kubernetes annotations to apply to all Kubeshark resources | `{}` |
|
||||
| `tap.nodeSelectorTerms` | Node selector terms | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
|
||||
| `tap.nodeSelectorTerms.Workers` | Node selector terms for workers components | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
|
||||
| `tap.nodeSelectorTerms.Hub` | Node selector terms for hub component | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
|
||||
| `tap.nodeSelectorTerms.Front` | Node selector terms for front-end component | `[{"matchExpressions":[{"key":"kubernetes.io/os","operator":"In","values":["linux"]}]}]` |
|
||||
| `tap.auth.enabled` | Enable authentication | `false` |
|
||||
| `tap.auth.type` | Authentication type (1 option available: `saml`) | `saml` |
|
||||
| `tap.auth.approvedEmails` | List of approved email addresses for authentication | `[]` |
|
||||
|
||||
@ -97,6 +97,13 @@ spec:
|
||||
- name: saml-x509-volume
|
||||
mountPath: "/etc/saml/x509"
|
||||
readOnly: true
|
||||
{{- if gt (len .Values.tap.nodeSelectorTerms.hub) 0}}
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
{{- toYaml .Values.tap.nodeSelectorTerms.hub | nindent 12 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: saml-x509-volume
|
||||
projected:
|
||||
|
||||
@ -108,6 +108,13 @@ spec:
|
||||
mountPath: /etc/nginx/conf.d/default.conf
|
||||
subPath: default.conf
|
||||
readOnly: true
|
||||
{{- if gt (len .Values.tap.nodeSelectorTerms.front) 0}}
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
{{- toYaml .Values.tap.nodeSelectorTerms.front | nindent 12 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: nginx-config
|
||||
configMap:
|
||||
|
||||
@ -286,12 +286,12 @@ spec:
|
||||
- effect: NoSchedule
|
||||
operator: Exists
|
||||
{{- end }}
|
||||
{{- if gt (len .Values.tap.nodeSelectorTerms) 0}}
|
||||
{{- if gt (len .Values.tap.nodeSelectorTerms.workers) 0}}
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
{{- toYaml .Values.tap.nodeSelectorTerms | nindent 12 }}
|
||||
{{- toYaml .Values.tap.nodeSelectorTerms.workers | nindent 12 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- hostPath:
|
||||
|
||||
@ -78,6 +78,19 @@ tap:
|
||||
labels: {}
|
||||
annotations: {}
|
||||
nodeSelectorTerms:
|
||||
hub:
|
||||
- matchExpressions:
|
||||
- key: kubernetes.io/os
|
||||
operator: In
|
||||
values:
|
||||
- linux
|
||||
workers:
|
||||
- matchExpressions:
|
||||
- key: kubernetes.io/os
|
||||
operator: In
|
||||
values:
|
||||
- linux
|
||||
front:
|
||||
- matchExpressions:
|
||||
- key: kubernetes.io/os
|
||||
operator: In
|
||||
|
||||
Loading…
Reference in New Issue
Block a user