mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-06-23 23:08:35 +00:00
200 lines
9.4 KiB
Go
200 lines
9.4 KiB
Go
package configStructs
|
|
|
|
import (
|
|
"fmt"
|
|
"regexp"
|
|
|
|
v1 "k8s.io/api/core/v1"
|
|
networking "k8s.io/api/networking/v1"
|
|
)
|
|
|
|
const (
|
|
DockerRegistryLabel = "docker-registry"
|
|
DockerTagLabel = "docker-tag"
|
|
DockerImagePullPolicy = "docker-imagePullPolicy"
|
|
DockerImagePullSecrets = "docker-imagePullSecrets"
|
|
ProxyFrontPortLabel = "proxy-front-port"
|
|
ProxyHubPortLabel = "proxy-hub-port"
|
|
ProxyHostLabel = "proxy-host"
|
|
NamespacesLabel = "namespaces"
|
|
ReleaseNamespaceLabel = "release-namespace"
|
|
PersistentStorageLabel = "persistentStorage"
|
|
PersistentStorageStaticLabel = "persistentStorageStatic"
|
|
EfsFileSytemIdAndPathLabel = "efsFileSytemIdAndPath"
|
|
StorageLimitLabel = "storageLimit"
|
|
StorageClassLabel = "storageClass"
|
|
DryRunLabel = "dryRun"
|
|
PcapLabel = "pcap"
|
|
ServiceMeshLabel = "serviceMesh"
|
|
TlsLabel = "tls"
|
|
IgnoreTaintedLabel = "ignoreTainted"
|
|
IngressEnabledLabel = "ingress-enabled"
|
|
TelemetryEnabledLabel = "telemetry-enabled"
|
|
DebugLabel = "debug"
|
|
ContainerPort = 80
|
|
ContainerPortStr = "80"
|
|
)
|
|
|
|
type ResourceLimits struct {
|
|
CPU string `yaml:"cpu" json:"cpu" default:"750m"`
|
|
Memory string `yaml:"memory" json:"memory" default:"1Gi"`
|
|
}
|
|
|
|
type ResourceRequests struct {
|
|
CPU string `yaml:"cpu" json:"cpu" default:"50m"`
|
|
Memory string `yaml:"memory" json:"memory" default:"50Mi"`
|
|
}
|
|
|
|
type ResourceRequirements struct {
|
|
Limits ResourceLimits `yaml:"limits" json:"limits"`
|
|
Requests ResourceRequests `yaml:"requests" json:"requests"`
|
|
}
|
|
|
|
type WorkerConfig struct {
|
|
SrvPort uint16 `yaml:"srvPort" json:"srvPort" default:"30001"`
|
|
}
|
|
|
|
type HubConfig struct {
|
|
SrvPort uint16 `yaml:"srvPort" json:"srvPort" default:"8898"`
|
|
}
|
|
|
|
type FrontConfig struct {
|
|
Port uint16 `yaml:"port" json:"port" default:"8899"`
|
|
}
|
|
|
|
type ProxyConfig struct {
|
|
Worker WorkerConfig `yaml:"worker" json:"worker"`
|
|
Hub HubConfig `yaml:"hub" json:"hub"`
|
|
Front FrontConfig `yaml:"front" json:"front"`
|
|
Host string `yaml:"host" json:"host" default:"127.0.0.1"`
|
|
}
|
|
|
|
type DockerConfig struct {
|
|
Registry string `yaml:"registry" json:"registry" default:"docker.io/kubeshark"`
|
|
Tag string `yaml:"tag" json:"tag" default:""`
|
|
ImagePullPolicy string `yaml:"imagePullPolicy" json:"imagePullPolicy" default:"Always"`
|
|
ImagePullSecrets []string `yaml:"imagePullSecrets" json:"imagePullSecrets"`
|
|
}
|
|
|
|
type ResourcesConfig struct {
|
|
Hub ResourceRequirements `yaml:"hub" json:"hub"`
|
|
Sniffer ResourceRequirements `yaml:"sniffer" json:"sniffer"`
|
|
Tracer ResourceRequirements `yaml:"tracer" json:"tracer"`
|
|
}
|
|
|
|
type Role struct {
|
|
Filter string `yaml:"filter" json:"filter" default:""`
|
|
CanReplayTraffic bool `yaml:"canReplayTraffic" json:"canReplayTraffic" default:"false"`
|
|
CanDownloadPCAP bool `yaml:"canDownloadPCAP" json:"canDownloadPCAP" default:"false"`
|
|
CanUseScripting bool `yaml:"canUseScripting" json:"canUseScripting" default:"false"`
|
|
CanUpdateTargetedPods bool `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
|
|
ShowAdminConsoleLink bool `yaml:"showAdminConsoleLink" json:"showAdminConsoleLink" default:"false"`
|
|
}
|
|
|
|
type SamlConfig struct {
|
|
IdpMetadataUrl string `yaml:"idpMetadataUrl" json:"idpMetadataUrl"`
|
|
X509crt string `yaml:"x509crt" json:"x509crt"`
|
|
X509key string `yaml:"x509key" json:"x509key"`
|
|
RoleAttribute string `yaml:"roleAttribute" json:"roleAttribute"`
|
|
Roles map[string]Role `yaml:"roles" json:"roles"`
|
|
}
|
|
|
|
type AuthConfig struct {
|
|
Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
|
|
Type string `yaml:"type" json:"type" default:"saml"`
|
|
Saml SamlConfig `yaml:"saml" json:"saml"`
|
|
}
|
|
|
|
type IngressConfig struct {
|
|
Enabled bool `yaml:"enabled" json:"enabled" default:"false"`
|
|
ClassName string `yaml:"className" json:"className" default:""`
|
|
Host string `yaml:"host" json:"host" default:"ks.svc.cluster.local"`
|
|
TLS []networking.IngressTLS `yaml:"tls" json:"tls" default:"[]"`
|
|
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
|
|
}
|
|
|
|
type ReleaseConfig struct {
|
|
Repo string `yaml:"repo" json:"repo" default:"https://helm.kubeshark.co"`
|
|
Name string `yaml:"name" json:"name" default:"kubeshark"`
|
|
Namespace string `yaml:"namespace" json:"namespace" default:"default"`
|
|
}
|
|
|
|
type TelemetryConfig struct {
|
|
Enabled bool `yaml:"enabled" json:"enabled" default:"true"`
|
|
}
|
|
|
|
type CapabilitiesConfig struct {
|
|
NetworkCapture []string `yaml:"networkCapture" json:"networkCapture" default:"[]"`
|
|
ServiceMeshCapture []string `yaml:"serviceMeshCapture" json:"serviceMeshCapture" default:"[]"`
|
|
KernelModule []string `yaml:"kernelModule" json:"kernelModule" default:"[]"`
|
|
EBPFCapture []string `yaml:"ebpfCapture" json:"ebpfCapture" default:"[]"`
|
|
}
|
|
|
|
type KernelModuleConfig struct {
|
|
Enabled bool `yaml:"enabled" json:"enabled" default:"true"`
|
|
Image string `yaml:"image" json:"image" default:"kubeshark/pf-ring-module:all"`
|
|
UnloadOnDestroy bool `yaml:"unloadOnDestroy" json:"unloadOnDestroy" default:"false"`
|
|
}
|
|
|
|
type MetricsConfig struct {
|
|
Port uint16 `yaml:"port" json:"port" default:"49100"`
|
|
}
|
|
|
|
type MiscConfig struct {
|
|
JsonTTL string `yaml:"jsonTTL" json:"jsonTTL" default:"5m"`
|
|
PcapTTL string `yaml:"pcapTTL" json:"pcapTTL" default:"10s"`
|
|
PcapErrorTTL string `yaml:"pcapErrorTTL" json:"pcapErrorTTL" default:"60s"`
|
|
}
|
|
|
|
type TapConfig struct {
|
|
Docker DockerConfig `yaml:"docker" json:"docker"`
|
|
Proxy ProxyConfig `yaml:"proxy" json:"proxy"`
|
|
PodRegexStr string `yaml:"regex" json:"regex" default:".*"`
|
|
Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"`
|
|
Release ReleaseConfig `yaml:"release" json:"release"`
|
|
PersistentStorage bool `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
|
|
PersistentStorageStatic bool `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
|
|
EfsFileSytemIdAndPath string `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
|
|
StorageLimit string `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
|
|
StorageClass string `yaml:"storageClass" json:"storageClass" default:"standard"`
|
|
DryRun bool `yaml:"dryRun" json:"dryRun" default:"false"`
|
|
Resources ResourcesConfig `yaml:"resources" json:"resources"`
|
|
ServiceMesh bool `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
|
|
Tls bool `yaml:"tls" json:"tls" default:"true"`
|
|
IgnoreTainted bool `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
|
|
Labels map[string]string `yaml:"labels" json:"labels" default:"{}"`
|
|
Annotations map[string]string `yaml:"annotations" json:"annotations" default:"{}"`
|
|
NodeSelectorTerms []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
|
|
Auth AuthConfig `yaml:"auth" json:"auth"`
|
|
Ingress IngressConfig `yaml:"ingress" json:"ingress"`
|
|
IPv6 bool `yaml:"ipv6" json:"ipv6" default:"true"`
|
|
Debug bool `yaml:"debug" json:"debug" default:"false"`
|
|
KernelModule KernelModuleConfig `yaml:"kernelModule" json:"kernelModule"`
|
|
Telemetry TelemetryConfig `yaml:"telemetry" json:"telemetry"`
|
|
DefaultFilter string `yaml:"defaultFilter" json:"defaultFilter"`
|
|
ReplayDisabled bool `yaml:"replayDisabled" json:"replayDisabled" default:"false"`
|
|
ScriptingDisabled bool `yaml:"scriptingDisabled" json:"scriptingDisabled" default:"false"`
|
|
TargetedPodsUpdateDisabled bool `yaml:"targetedPodsUpdateDisabled" json:"targetedPodsUpdateDisabled" default:"false"`
|
|
RecordingDisabled bool `yaml:"recordingDisabled" json:"recordingDisabled" default:"false"`
|
|
Capabilities CapabilitiesConfig `yaml:"capabilities" json:"capabilities"`
|
|
GlobalFilter string `yaml:"globalFilter" json:"globalFilter"`
|
|
Metrics MetricsConfig `yaml:"metrics" json:"metrics"`
|
|
TrafficSampleRate int `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"`
|
|
TcpStreamChannelTimeoutMs int `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"`
|
|
Misc MiscConfig `yaml:"misc" json:"misc"`
|
|
}
|
|
|
|
func (config *TapConfig) PodRegex() *regexp.Regexp {
|
|
podRegex, _ := regexp.Compile(config.PodRegexStr)
|
|
return podRegex
|
|
}
|
|
|
|
func (config *TapConfig) Validate() error {
|
|
_, compileErr := regexp.Compile(config.PodRegexStr)
|
|
if compileErr != nil {
|
|
return fmt.Errorf("%s is not a valid regex %s", config.PodRegexStr, compileErr)
|
|
}
|
|
|
|
return nil
|
|
}
|