mirror of
https://github.com/kubeshark/kubeshark.git
synced 2026-02-14 18:09:51 +00:00
4cabf13788
* updated helm values
* removed the tap.debug field
from the tapConfig struct
* Revert "removed the tap.debug field"
This reverts commit f911c02f0d.
* support the -d --debug command
with the new logLevel flag
114 lines
4.0 KiB
YAML
114 lines
4.0 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubeshark.co/app: hub
|
|
{{- include "kubeshark.labels" . | nindent 4 }}
|
|
annotations:
|
|
{{- if .Values.tap.annotations }}
|
|
{{- toYaml .Values.tap.annotations | nindent 4 }}
|
|
{{- end }}
|
|
name: {{ include "kubeshark.name" . }}-hub
|
|
namespace: {{ .Release.Namespace }}
|
|
spec:
|
|
replicas: 1 # Set the desired number of replicas
|
|
selector:
|
|
matchLabels:
|
|
app.kubeshark.co/app: hub
|
|
{{- include "kubeshark.selectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubeshark.co/app: hub
|
|
{{- include "kubeshark.labels" . | nindent 8 }}
|
|
spec:
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
serviceAccountName: {{ include "kubeshark.serviceAccountName" . }}
|
|
containers:
|
|
- name: hub
|
|
command:
|
|
- ./hub
|
|
- -port
|
|
- "8080"
|
|
- -loglevel
|
|
- '{{ .Values.logLevel | default "warning" }}'
|
|
env:
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: POD_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: SENTRY_ENABLED
|
|
value: '{{ (include "sentry.enabled" .) }}'
|
|
- name: SENTRY_ENVIRONMENT
|
|
value: '{{ .Values.tap.sentry.environment }}'
|
|
- name: KUBESHARK_CLOUD_API_URL
|
|
value: 'https://api.kubeshark.co'
|
|
- name: PROFILING_ENABLED
|
|
value: '{{ .Values.tap.pprof.enabled }}'
|
|
{{- if .Values.tap.docker.overrideImage.hub }}
|
|
image: '{{ .Values.tap.docker.overrideImage.hub }}'
|
|
{{- else if .Values.tap.docker.overrideTag.hub }}
|
|
image: '{{ .Values.tap.docker.registry }}/hub:{{ .Values.tap.docker.overrideTag.hub }}'
|
|
{{ else }}
|
|
image: '{{ .Values.tap.docker.registry }}/hub:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
|
|
{{- end }}
|
|
imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
|
|
{{- if .Values.tap.docker.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- range .Values.tap.docker.imagePullSecrets }}
|
|
- name: {{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
readinessProbe:
|
|
periodSeconds: 1
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
initialDelaySeconds: 3
|
|
tcpSocket:
|
|
port: 8080
|
|
livenessProbe:
|
|
periodSeconds: 1
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
initialDelaySeconds: 3
|
|
tcpSocket:
|
|
port: 8080
|
|
resources:
|
|
limits:
|
|
{{ if ne (toString .Values.tap.resources.hub.limits.cpu) "0" }}
|
|
cpu: {{ .Values.tap.resources.hub.limits.cpu }}
|
|
{{ end }}
|
|
{{ if ne (toString .Values.tap.resources.hub.limits.memory) "0" }}
|
|
memory: {{ .Values.tap.resources.hub.limits.memory }}
|
|
{{ end }}
|
|
requests:
|
|
{{ if ne (toString .Values.tap.resources.hub.requests.cpu) "0" }}
|
|
cpu: {{ .Values.tap.resources.hub.requests.cpu }}
|
|
{{ end }}
|
|
{{ if ne (toString .Values.tap.resources.hub.requests.memor) "0" }}
|
|
memory: {{ .Values.tap.resources.hub.requests.memory }}
|
|
{{ end }}
|
|
volumeMounts:
|
|
- name: saml-x509-volume
|
|
mountPath: "/etc/saml/x509"
|
|
readOnly: true
|
|
volumes:
|
|
- name: saml-x509-volume
|
|
projected:
|
|
sources:
|
|
- secret:
|
|
name: kubeshark-saml-x509-crt-secret
|
|
items:
|
|
- key: AUTH_SAML_X509_CRT
|
|
path: kubeshark.crt
|
|
- secret:
|
|
name: kubeshark-saml-x509-key-secret
|
|
items:
|
|
- key: AUTH_SAML_X509_KEY
|
|
path: kubeshark.key
|