mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-09-25 12:41:44 +00:00
Update worker liveness/readiness config (#1684)
* Increase worker init delay to 30s * Update values * fix * Make probe values configurable * upd --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
This commit is contained in:
Volodymyr Stoiko
GitHub
@@ -117,6 +117,18 @@ type ResourcesConfig struct {
|
|||||||
Tracer ResourceRequirementsWorker `yaml:"tracer" json:"tracer"`
|
Tracer ResourceRequirementsWorker `yaml:"tracer" json:"tracer"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type ProbesConfig struct {
|
||||||
|
Hub ProbeConfig `yaml:"hub" json:"hub"`
|
||||||
|
Sniffer ProbeConfig `yaml:"sniffer" json:"sniffer"`
|
||||||
|
}
|
||||||
|
|
||||||
|
type ProbeConfig struct {
|
||||||
|
InitialDelaySeconds int `yaml:"initialDelaySeconds" json:"initialDelaySeconds" default:"15"`
|
||||||
|
PeriodSeconds int `yaml:"periodSeconds" json:"periodSeconds" default:"10"`
|
||||||
|
SuccessThreshold int `yaml:"successThreshold" json:"successThreshold" default:"1"`
|
||||||
|
FailureThreshold int `yaml:"failureThreshold" json:"failureThreshold" default:"3"`
|
||||||
|
}
|
||||||
|
|
||||||
type ScriptingPermissions struct {
|
type ScriptingPermissions struct {
|
||||||
CanSave bool `yaml:"canSave" json:"canSave" default:"true"`
|
CanSave bool `yaml:"canSave" json:"canSave" default:"true"`
|
||||||
CanActivate bool `yaml:"canActivate" json:"canActivate" default:"true"`
|
CanActivate bool `yaml:"canActivate" json:"canActivate" default:"true"`
|
||||||
@@ -228,6 +240,7 @@ type TapConfig struct {
|
|||||||
StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"`
|
StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"`
|
||||||
DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"`
|
DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"`
|
||||||
Resources ResourcesConfig `yaml:"resources" json:"resources"`
|
Resources ResourcesConfig `yaml:"resources" json:"resources"`
|
||||||
|
Probes ProbesConfig `yaml:"probes" json:"probes"`
|
||||||
ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
|
ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
|
||||||
Tls bool `yaml:"tls" json:"tls" default:"true"`
|
Tls bool `yaml:"tls" json:"tls" default:"true"`
|
||||||
DisableTlsLog bool `yaml:"disableTlsLog" json:"disableTlsLog" default:"true"`
|
DisableTlsLog bool `yaml:"disableTlsLog" json:"disableTlsLog" default:"true"`
|
||||||
|
|||||||
@@ -160,6 +160,14 @@ Example for overriding image names:
|
|||||||
| `tap.resources.tracer.limits.memory` | Memory limit for tracer | `3Gi` |
|
| `tap.resources.tracer.limits.memory` | Memory limit for tracer | `3Gi` |
|
||||||
| `tap.resources.tracer.requests.cpu` | CPU request for tracer | `50m` |
|
| `tap.resources.tracer.requests.cpu` | CPU request for tracer | `50m` |
|
||||||
| `tap.resources.tracer.requests.memory` | Memory request for tracer | `50Mi` |
|
| `tap.resources.tracer.requests.memory` | Memory request for tracer | `50Mi` |
|
||||||
|
| `tap.probes.hub.initialDelaySeconds` | Initial delay before probing the hub | `15` |
|
||||||
|
| `tap.probes.hub.periodSeconds` | Period between probes for the hub | `10` |
|
||||||
|
| `tap.probes.hub.successThreshold` | Number of successful probes before considering the hub healthy | `1` |
|
||||||
|
| `tap.probes.hub.failureThreshold` | Number of failed probes before considering the hub unhealthy | `3` |
|
||||||
|
| `tap.probes.sniffer.initialDelaySeconds` | Initial delay before probing the sniffer | `15` |
|
||||||
|
| `tap.probes.sniffer.periodSeconds` | Period between probes for the sniffer | `10` |
|
||||||
|
| `tap.probes.sniffer.successThreshold` | Number of successful probes before considering the sniffer healthy | `1` |
|
||||||
|
| `tap.probes.sniffer.failureThreshold` | Number of failed probes before considering the sniffer unhealthy | `3` |
|
||||||
| `tap.serviceMesh` | Capture traffic from service meshes like Istio, Linkerd, Consul, etc. | `true` |
|
| `tap.serviceMesh` | Capture traffic from service meshes like Istio, Linkerd, Consul, etc. | `true` |
|
||||||
| `tap.tls` | Capture the encrypted/TLS traffic from cryptography libraries like OpenSSL | `true` |
|
| `tap.tls` | Capture the encrypted/TLS traffic from cryptography libraries like OpenSSL | `true` |
|
||||||
| `tap.disableTlsLog` | Suppress logging for TLS/eBPF | `true` |
|
| `tap.disableTlsLog` | Suppress logging for TLS/eBPF | `true` |
|
||||||
|
|||||||
@@ -65,17 +65,17 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
periodSeconds: 1
|
periodSeconds: {{ .Values.tap.probes.hub.periodSeconds }}
|
||||||
failureThreshold: 3
|
failureThreshold: {{ .Values.tap.probes.hub.failureThreshold }}
|
||||||
successThreshold: 1
|
successThreshold: {{ .Values.tap.probes.hub.successThreshold }}
|
||||||
initialDelaySeconds: 3
|
initialDelaySeconds: {{ .Values.tap.probes.hub.initialDelaySeconds }}
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: 8080
|
port: 8080
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
periodSeconds: 1
|
periodSeconds: {{ .Values.tap.probes.hub.periodSeconds }}
|
||||||
failureThreshold: 3
|
failureThreshold: {{ .Values.tap.probes.hub.failureThreshold }}
|
||||||
successThreshold: 1
|
successThreshold: {{ .Values.tap.probes.hub.successThreshold }}
|
||||||
initialDelaySeconds: 3
|
initialDelaySeconds: {{ .Values.tap.probes.hub.initialDelaySeconds }}
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: 8080
|
port: 8080
|
||||||
resources:
|
resources:
|
||||||
|
|||||||
@@ -163,17 +163,17 @@ spec:
|
|||||||
drop:
|
drop:
|
||||||
- ALL
|
- ALL
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
periodSeconds: 1
|
periodSeconds: {{ .Values.tap.probes.sniffer.periodSeconds }}
|
||||||
failureThreshold: 3
|
failureThreshold: {{ .Values.tap.probes.sniffer.failureThreshold }}
|
||||||
successThreshold: 1
|
successThreshold: {{ .Values.tap.probes.sniffer.successThreshold }}
|
||||||
initialDelaySeconds: 5
|
initialDelaySeconds: {{ .Values.tap.probes.sniffer.initialDelaySeconds }}
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: {{ .Values.tap.proxy.worker.srvPort }}
|
port: {{ .Values.tap.proxy.worker.srvPort }}
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
periodSeconds: 1
|
periodSeconds: {{ .Values.tap.probes.sniffer.periodSeconds }}
|
||||||
failureThreshold: 3
|
failureThreshold: {{ .Values.tap.probes.sniffer.failureThreshold }}
|
||||||
successThreshold: 1
|
successThreshold: {{ .Values.tap.probes.sniffer.successThreshold }}
|
||||||
initialDelaySeconds: 5
|
initialDelaySeconds: {{ .Values.tap.probes.sniffer.initialDelaySeconds }}
|
||||||
tcpSocket:
|
tcpSocket:
|
||||||
port: {{ .Values.tap.proxy.worker.srvPort }}
|
port: {{ .Values.tap.proxy.worker.srvPort }}
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
|
|||||||
@@ -59,6 +59,17 @@ tap:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 50m
|
cpu: 50m
|
||||||
memory: 50Mi
|
memory: 50Mi
|
||||||
|
probes:
|
||||||
|
hub:
|
||||||
|
initialDelaySeconds: 15
|
||||||
|
periodSeconds: 10
|
||||||
|
successThreshold: 1
|
||||||
|
failureThreshold: 3
|
||||||
|
sniffer:
|
||||||
|
initialDelaySeconds: 15
|
||||||
|
periodSeconds: 10
|
||||||
|
successThreshold: 1
|
||||||
|
failureThreshold: 3
|
||||||
serviceMesh: true
|
serviceMesh: true
|
||||||
tls: true
|
tls: true
|
||||||
disableTlsLog: true
|
disableTlsLog: true
|
||||||
|
|||||||
Reference in New Issue
Block a user