mirror of
https://github.com/kubeshark/kubeshark.git
synced 2025-05-15 03:49:32 +00:00
264 lines
4.8 KiB
YAML
264 lines
4.8 KiB
YAML
# find a detailed description here: https://github.com/kubeshark/kubeshark/blob/master/helm-chart/README.md
|
|
tap:
|
|
docker:
|
|
registry: docker.io/kubeshark
|
|
tag: ""
|
|
tagLocked: true
|
|
imagePullPolicy: Always
|
|
imagePullSecrets: []
|
|
overrideImage:
|
|
worker: ""
|
|
hub: ""
|
|
front: ""
|
|
overrideTag:
|
|
worker: ""
|
|
hub: ""
|
|
front: ""
|
|
proxy:
|
|
worker:
|
|
srvPort: 48999
|
|
hub:
|
|
srvPort: 8898
|
|
front:
|
|
port: 8899
|
|
host: 127.0.0.1
|
|
regex: .*
|
|
namespaces: []
|
|
excludedNamespaces: []
|
|
bpfOverride: ""
|
|
stopped: false
|
|
release:
|
|
repo: https://helm.kubeshark.co
|
|
name: kubeshark
|
|
namespace: default
|
|
persistentStorage: false
|
|
persistentStorageStatic: false
|
|
persistentStoragePvcVolumeMode: FileSystem
|
|
efsFileSytemIdAndPath: ""
|
|
storageLimit: 5Gi
|
|
storageClass: standard
|
|
dryRun: false
|
|
dns:
|
|
nameservers: []
|
|
searches: []
|
|
options: []
|
|
resources:
|
|
hub:
|
|
limits:
|
|
cpu: "0"
|
|
memory: 5Gi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
sniffer:
|
|
limits:
|
|
cpu: "0"
|
|
memory: 5Gi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
tracer:
|
|
limits:
|
|
cpu: "0"
|
|
memory: 5Gi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
probes:
|
|
hub:
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
sniffer:
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
serviceMesh: true
|
|
tls: true
|
|
disableTlsLog: true
|
|
packetCapture: best
|
|
labels: {}
|
|
annotations: {}
|
|
nodeSelectorTerms:
|
|
hub:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/os
|
|
operator: In
|
|
values:
|
|
- linux
|
|
workers:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/os
|
|
operator: In
|
|
values:
|
|
- linux
|
|
front:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/os
|
|
operator: In
|
|
values:
|
|
- linux
|
|
dex:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/os
|
|
operator: In
|
|
values:
|
|
- linux
|
|
tolerations:
|
|
hub: []
|
|
workers:
|
|
- operator: Exists
|
|
effect: NoExecute
|
|
front: []
|
|
auth:
|
|
enabled: false
|
|
type: saml
|
|
saml:
|
|
idpMetadataUrl: ""
|
|
x509crt: ""
|
|
x509key: ""
|
|
roleAttribute: role
|
|
roles:
|
|
admin:
|
|
filter: ""
|
|
canDownloadPCAP: true
|
|
canUseScripting: true
|
|
scriptingPermissions:
|
|
canSave: true
|
|
canActivate: true
|
|
canDelete: true
|
|
canUpdateTargetedPods: true
|
|
canStopTrafficCapturing: true
|
|
showAdminConsoleLink: true
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
host: ks.svc.cluster.local
|
|
tls: []
|
|
annotations: {}
|
|
routing:
|
|
front:
|
|
basePath: ""
|
|
ipv6: true
|
|
debug: false
|
|
dashboard:
|
|
completeStreamingEnabled: true
|
|
telemetry:
|
|
enabled: true
|
|
resourceGuard:
|
|
enabled: false
|
|
watchdog:
|
|
enabled: true
|
|
gitops:
|
|
enabled: false
|
|
sentry:
|
|
enabled: false
|
|
environment: production
|
|
defaultFilter: "!dns and !error"
|
|
liveConfigMapChangesDisabled: false
|
|
globalFilter: ""
|
|
enabledDissectors:
|
|
- amqp
|
|
- dns
|
|
- http
|
|
- icmp
|
|
- kafka
|
|
- redis
|
|
- sctp
|
|
- ws
|
|
- ldap
|
|
- radius
|
|
- diameter
|
|
portMapping:
|
|
http:
|
|
- 80
|
|
- 443
|
|
- 8080
|
|
amqp:
|
|
- 5671
|
|
- 5672
|
|
kafka:
|
|
- 9092
|
|
redis:
|
|
- 6379
|
|
ldap:
|
|
- 389
|
|
diameter:
|
|
- 3868
|
|
customMacros:
|
|
https: tls and (http or http2)
|
|
metrics:
|
|
port: 49100
|
|
pprof:
|
|
enabled: false
|
|
port: 8000
|
|
view: flamegraph
|
|
misc:
|
|
jsonTTL: 5m
|
|
pcapTTL: 10s
|
|
pcapErrorTTL: 60s
|
|
trafficSampleRate: 100
|
|
tcpStreamChannelTimeoutMs: 10000
|
|
tcpStreamChannelTimeoutShow: false
|
|
resolutionStrategy: auto
|
|
duplicateTimeframe: 200ms
|
|
detectDuplicates: false
|
|
staleTimeoutSeconds: 30
|
|
securityContext:
|
|
privileged: true
|
|
appArmorProfile:
|
|
type: ""
|
|
localhostProfile: ""
|
|
seLinuxOptions:
|
|
level: ""
|
|
role: ""
|
|
type: ""
|
|
user: ""
|
|
capabilities:
|
|
networkCapture:
|
|
- NET_RAW
|
|
- NET_ADMIN
|
|
serviceMeshCapture:
|
|
- SYS_ADMIN
|
|
- SYS_PTRACE
|
|
- DAC_OVERRIDE
|
|
ebpfCapture:
|
|
- SYS_ADMIN
|
|
- SYS_PTRACE
|
|
- SYS_RESOURCE
|
|
- IPC_LOCK
|
|
mountBpf: true
|
|
logs:
|
|
file: ""
|
|
grep: ""
|
|
pcapdump:
|
|
enabled: true
|
|
timeInterval: 1m
|
|
maxTime: 1h
|
|
maxSize: 500MB
|
|
time: time
|
|
debug: false
|
|
dest: ""
|
|
kube:
|
|
configPath: ""
|
|
context: ""
|
|
dumpLogs: false
|
|
headless: false
|
|
license: ""
|
|
cloudLicenseEnabled: true
|
|
aiAssistantEnabled: true
|
|
demoModeEnabled: false
|
|
supportChatEnabled: false
|
|
internetConnectivity: true
|
|
scripting:
|
|
env: {}
|
|
source: ""
|
|
sources: []
|
|
watchScripts: true
|
|
active: []
|
|
console: true
|
|
timezone: ""
|
|
logLevel: warning
|