diff --git a/cmd/tap.go b/cmd/tap.go index 4aeedae89..ee03011d6 100644 --- a/cmd/tap.go +++ b/cmd/tap.go @@ -61,4 +61,5 @@ func init() { tapCmd.Flags().Bool(configStructs.TlsLabel, defaultTapConfig.Tls, "Capture the traffic that's encrypted with OpenSSL or Go crypto/tls libraries") tapCmd.Flags().Bool(configStructs.IgnoreTaintedLabel, defaultTapConfig.IgnoreTainted, "Ignore tainted pods while running Worker DaemonSet") tapCmd.Flags().Bool(configStructs.IngressEnabledLabel, defaultTapConfig.Ingress.Enabled, "Enable Ingress") + tapCmd.Flags().Bool(configStructs.TelemetryEnabledLabel, defaultTapConfig.Telemetry.Enabled, "Enable/disable Telemetry") } diff --git a/cmd/tapRunner.go b/cmd/tapRunner.go index be50c054e..a6ff4b99f 100644 --- a/cmd/tapRunner.go +++ b/cmd/tapRunner.go @@ -77,6 +77,11 @@ func tap() { state.targetNamespaces = kubernetesProvider.GetNamespaces() + log.Info(). + Bool("enabled", config.Config.Tap.Telemetry.Enabled). + Str("notice", "Telemetry can be disabled by setting the flag: --telemetry-enabled=false"). + Msg("Telemetry") + log.Info().Strs("namespaces", state.targetNamespaces).Msg("Targeting pods in:") if err := printTargetedPodsPreview(ctx, kubernetesProvider, state.targetNamespaces); err != nil { diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go index 2dd0bf3fa..a8d7ffbd3 100644 --- a/config/configStructs/tapConfig.go +++ b/config/configStructs/tapConfig.go @@ -27,6 +27,7 @@ const ( TlsLabel = "tls" IgnoreTaintedLabel = "ignoretainted" IngressEnabledLabel = "ingress-enabled" + TelemetryEnabledLabel = "telemetry-enabled" DebugLabel = "debug" ContainerPort = 80 ContainerPortStr = "80" @@ -100,6 +101,10 @@ type ReleaseConfig struct { Namespace string `yaml:"namespace" json:"namespace" default:"default"` } +type TelemetryConfig struct { + Enabled bool `yaml:"enabled" json:"enabled" default:"true"` +} + type TapConfig struct { Docker DockerConfig `yaml:"docker" json:"docker"` Proxy ProxyConfig `yaml:"proxy" json:"proxy"` @@ -123,6 +128,7 @@ type TapConfig struct { Ingress IngressConfig `yaml:"ingress" json:"ingress"` IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"` Debug bool `yaml:"debug" json:"debug" default:"false"` + Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"` } func (config *TapConfig) PodRegex() *regexp.Regexp { diff --git a/helm-chart/templates/13-config-map.yaml b/helm-chart/templates/13-config-map.yaml index 90492b738..14b56b013 100644 --- a/helm-chart/templates/13-config-map.yaml +++ b/helm-chart/templates/13-config-map.yaml @@ -14,3 +14,4 @@ data: AUTH_ENABLED: '{{ .Values.tap.auth.enabled | ternary "true" "" }}' AUTH_APPROVED_EMAILS: '{{ gt (len .Values.tap.auth.approvedemails) 0 | ternary (join "," .Values.tap.auth.approvedemails) "" }}' AUTH_APPROVED_DOMAINS: '{{ gt (len .Values.tap.auth.approveddomains) 0 | ternary (join "," .Values.tap.auth.approveddomains) "" }}' + TELEMETRY_DISABLED: '{{ not .Values.tap.telemetry.enabled | ternary "true" "" }}' diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml index c4762f709..b36ad2972 100644 --- a/helm-chart/values.yaml +++ b/helm-chart/values.yaml @@ -78,4 +78,6 @@ tap: servicemesh: true storageclass: standard storagelimit: 200Mi + telemetry: + enabled: true tls: true diff --git a/manifests/complete.yaml b/manifests/complete.yaml index 46dfdba47..2b8f97771 100644 --- a/manifests/complete.yaml +++ b/manifests/complete.yaml @@ -80,6 +80,7 @@ data: AUTH_ENABLED: '' AUTH_APPROVED_EMAILS: '' AUTH_APPROVED_DOMAINS: '' + TELEMETRY_DISABLED: '' --- # Source: kubeshark/templates/02-cluster-role.yaml apiVersion: rbac.authorization.k8s.io/v1