github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2025-07-07 05:19:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,048 Commits 84 Branches 952 Tags 174 MiB
bpf-priviledged
Commit Graph

379 Commits

Author SHA1 Message Date
Alon Girmonsky
d4d1001cd8 templating bpf privileged helm value. 2024-12-26 12:29:18 -08:00
Alon Girmonsky
b377bfe35f
Revert "Revert "Initialize kubeshark pinned eBPF resources inside init container (#1665)" (#1676)" (#1678) 
This reverts commit 12f8883052.
 2024-12-25 16:21:08 -08:00
Serhii Ponomarenko
5242d9af07
🛂 Add save/activate/delete role scripting permissions (#1675) 
* 🛂 Add save/activate/delete role scripting permissions

* 🔧 Add scripting permissions to tap-config

* 🔨 Re-generate helm values & `complete.yaml`

* 📝 Add scripting permissions to helm chart docs

* 🏷️ Make scripting permissions `true` by default

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-25 12:33:16 -08:00
M. Mert Yildiran
12f8883052
Revert "Initialize kubeshark pinned eBPF resources inside init container (#1665)" (#1676) 
This reverts commit 29de008f22.
 2024-12-25 11:21:51 -08:00
Alon Girmonsky
7eef5efcd9
Added security capabilities, especially IPC_LOCK (#1671) 
to Sniffer in case eBPF traffic capture mechanism is used.
 2024-12-23 16:49:54 -08:00
M. Mert Yildiran
af47154a8d
Revert "Add CUSTOM_MACROS to ConfigMap" 
This reverts commit 17759d296d.
 2024-12-23 21:26:42 +03:00
M. Mert Yildiran
17759d296d
Add CUSTOM_MACROS to ConfigMap 2024-12-23 21:25:11 +03:00
Ilya Gavrilov
29de008f22
Initialize kubeshark pinned eBPF resources inside init container (#1665) 
* Clean kubeshark pinned bpf resources inside init container

* Clean kubeshark pinned bpf resources inside init container

* Update 09-worker-daemon-set.yaml

* add IPC_LOCK capability to sniffer

* add init container to mount bpf filesystem

* add init container to mount bpf filesystem

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-19 16:20:13 -08:00
Volodymyr Stoiko
261a0ca1a9
Replace sniffer 30001 port with 48999 (#1670) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-19 12:37:01 -08:00
Volodymyr Stoiko
e819e9b697
Add hub metrics port (#1666) 
* Add hub metrics port

* Add policies and service

* Use static 9100 port for hub metrics

* fix

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-19 12:06:29 -08:00
Alon Girmonsky
a03aa56d07
removed the loglevel flag (#1669) 
following reverting tracer version: https://github.com/kubeshark/worker/pull/478
 2024-12-16 12:34:51 -08:00
Serhii Ponomarenko
83f437f3f8
🛂 Create save/activate/delete role scripting permissions (#1667) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-16 11:19:00 -08:00
Alon Girmonsky
4cabf13788
from debug to logLevel (#1668) 
* updated helm values

* removed the tap.debug field
from the tapConfig struct

* Revert "removed the tap.debug field"

This reverts commit f911c02f0d.

* support the -d --debug command
with the new logLevel flag
 2024-12-15 17:27:05 -08:00
Alon Girmonsky
cd1d7e4a58 🔖 Bump the Helm chart version to 52.3.92 2024-12-09 11:42:05 -08:00
Alon Girmonsky
80fa18cbba
Added LDAP support (#1647) 2024-12-08 15:02:50 -08:00
Alon Girmonsky
dfbb321084
Default startup values change (#1646) 
* updated the defaultFilter default values and docs.

* fixed a small err in the docs
 2024-12-08 14:48:13 -08:00
Volodymyr Stoiko
993b8ae19e
Add permissions to watch namespaces (#1644) 
* Add permissions to watch namespaces

* Allow watching all namespaces

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-03 18:32:23 -08:00
Alon Girmonsky
77f81c8ab3 🔖 Bump the Helm chart version to 52.3.91 2024-12-01 15:26:34 -08:00
Alon Girmonsky
4817ed2a80 🔖 Bump the Helm chart version to 52.3.90 2024-11-20 12:47:04 +02:00
Alon Girmonsky
67006e2fc7 🔖 Bump the Helm chart version to 52.3.89 2024-11-10 15:04:27 -08:00
Volodymyr Stoiko
8e135d570b
Remove pfring leftovers from ds (#1642) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-11-06 11:11:44 -08:00
Volodymyr Stoiko
80d23d62bd
Remove PF_RING references (#1638) 
* Remove PF_RING references

* Update values

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-11-05 14:13:50 -08:00
Volodymyr Stoiko
4a6628a3e8
Fix helm resource requests/limits templates (#1639) 2024-11-05 13:03:21 -08:00
Alon Girmonsky
bec0b25daa 🔖 Bump the Helm chart version to 52.3.88 2024-11-02 13:11:02 -07:00
Alon Girmonsky
9248f07af0 missing commit 2024-11-02 09:50:30 -07:00
Alon Girmonsky
a1e05db4b0 Improved resource limits and requests Helm templating 2024-11-02 09:49:45 -07:00
Alon Girmonsky
b3f6fdc831
Added an ability to override image names for a case, where when using a CI, one needs to use individual image names (#1636) 2024-10-31 21:18:13 -07:00
Alon Girmonsky
e0c010eb29 🔖 Bump the Helm chart version to 52.3.87 2024-10-30 12:51:15 -07:00
Alon Girmonsky
d1b4f9dcb1 🔖 Bump the Helm chart version to 52.3.86 2024-10-29 21:53:23 -07:00
Alon Girmonsky
629fb118e8 Revert "Set resource guard to true by default." 
This reverts commit a7692a664d.
 2024-10-29 21:49:25 -07:00
Alon Girmonsky
b7ab3da6d2 🔖 Bump the Helm chart version to 52.3.85 2024-10-29 16:42:31 -07:00
Alon Girmonsky
3027fdab40 fixed an issue that was added for debugging purposes 2024-10-29 16:22:31 -07:00
Alon Girmonsky
a7692a664d Set resource guard to true by default. 2024-10-29 15:11:07 -07:00
Alon Girmonsky
696f3fca93 Merge branch 'master' of github.com:kubeshark/kubeshark 2024-10-26 17:36:54 -07:00
Serhii Ponomarenko
ba9b85bb12
Revert "🐛 Prevent hub host-not-found nginx upstream error in front (#1628)" (#1633) 
This reverts commit cc3f8c86ff.
 2024-10-25 11:31:03 -07:00
Alon Girmonsky
6a890e6653 Removed the timestamp>now() fro the globalFilter flag. 2024-10-25 10:41:06 -07:00
Alon Girmonsky
22766c2983 remove tcp and udp dissectors by default 2024-10-21 13:03:53 -07:00
Alon Girmonsky
da1d2c5260 changed tap.stopped to false by default 2024-10-21 12:59:25 -07:00
Volodymyr Stoiko
f026c3604a
Add networkpolicies permissions (#1631) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-10-19 17:02:42 -07:00
Alon Girmonsky
517c127d93 🔖 Bump the Helm chart version to 52.3.84 2024-10-17 12:16:45 -07:00
Alon Girmonsky
580c612982 added timestamp>now() as a global filter 2024-10-17 12:05:35 -07:00
Alon Girmonsky
7a1cd9afbc set disableTlsLog to true by default. 2024-10-17 10:48:11 -07:00
Alon Girmonsky
816f614ebb change CPU limit to no limit 
Change memory limit to 3Gi
 2024-10-16 11:01:25 -07:00
Alon Girmonsky
674a554767
scripting-revamp-1 (#1630) 
* First commit in this PR
Added `scripting.active` as a helm value

* added `scripting.active` to the config struct and the helm chart
this array of strings will include the active script titles

* updated the `active` filed in the script struct

* go mod tidy

* update go ver to 1.21.1
 2024-10-15 10:35:38 -07:00
Serhii Ponomarenko
cc3f8c86ff
🐛 Prevent hub host-not-found nginx upstream error in front (#1628) 
* 🔧 Add `proxy_next_upstream` to retry finding `hub`

* 🔨 Set up `front` init-container to wait for `hub`

* Revert "🔧 Add `proxy_next_upstream` to retry finding `hub`"

This reverts commit 118b173069.

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-10-15 09:48:11 -07:00
Alon Girmonsky
b7b0e3dcee 🔖 Bump the Helm chart version to 52.3.83 2024-10-09 21:57:05 -07:00
Alon Girmonsky
1926067bd9 🔖 Bump the Helm chart version to 72.3.83 2024-10-09 21:46:06 -07:00
Serhii Ponomarenko
223ada3e2b
🔨 Add tap.presetFiltersChangingEnabled helm value (#1627) 
* 🔨 Replace default-filter `front` env with config

* 🔨 Add `tap.presetFiltersChangingEnabled` helm value

* 🔨 Add preset-filters-changing-enabled `front` env

* 🔨 Add preset-filters-changing-enabled config
 2024-10-08 18:24:49 -07:00
bogdanvbalan
783aa03b6a
Feat pcapsaver (#1621) 
* Add cmd to copy pcaps from worker

* Update commands to merge pcaps

* Remove test img

* Remove usage of http endpoint in copy

* Unify commands

* Add copy flag

* Address review comments

* Update k8s config path processing

* Remove debug prints

* setting the pcapSrcDit to the name of the command

* Update values.yaml

* Remove the start,stop and copy flags

* Clean up the the code a bit
Changed the logic so it's either copy or start/stop.
Works well for a first version.

* Improved the logic

* Changed pcapdump enable flag to boolean

* Added helm value documentation

* minor default configuration changes

* Fix default val for enabled

* Final changes
Cleaned up the helm worker template
Improve the logic a bit

* Code cleanup
Changed instances of `enable` to `enabled` for purpose of consistency
Removed unused helm environment variables

* Enable merging all node files to a single file.
Before the outcome had been a merged file per node.
Now the outcome is a single merged file for all nodes.

* Committed for testing purpose

* Reduced the initial disk foot print to 10MB per node

---------

Co-authored-by: bogdan.balan1 <bogdanvalentin.balan@1nce.com>
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-10-07 08:39:52 -07:00
Volodymyr Stoiko
afa81e7be9
Update README with resource guard configuration (#1623) 2024-09-30 13:06:21 -07:00