mirror of
https://github.com/kubeshark/kubeshark.git
synced 2026-05-21 16:43:23 +00:00
783aa03b6a
* Add cmd to copy pcaps from worker * Update commands to merge pcaps * Remove test img * Remove usage of http endpoint in copy * Unify commands * Add copy flag * Address review comments * Update k8s config path processing * Remove debug prints * setting the pcapSrcDit to the name of the command * Update values.yaml * Remove the start,stop and copy flags * Clean up the the code a bit Changed the logic so it's either copy or start/stop. Works well for a first version. * Improved the logic * Changed pcapdump enable flag to boolean * Added helm value documentation * minor default configuration changes * Fix default val for enabled * Final changes Cleaned up the helm worker template Improve the logic a bit * Code cleanup Changed instances of `enable` to `enabled` for purpose of consistency Removed unused helm environment variables * Enable merging all node files to a single file. Before the outcome had been a merged file per node. Now the outcome is a single merged file for all nodes. * Committed for testing purpose * Reduced the initial disk foot print to 10MB per node --------- Co-authored-by: bogdan.balan1 <bogdanvalentin.balan@1nce.com> Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
180 lines
3.3 KiB
YAML
180 lines
3.3 KiB
YAML
tap:
|
|
docker:
|
|
registry: docker.io/kubeshark
|
|
tag: ""
|
|
tagLocked: true
|
|
imagePullPolicy: Always
|
|
imagePullSecrets: []
|
|
overrideTag:
|
|
worker: ""
|
|
hub: ""
|
|
front: ""
|
|
proxy:
|
|
worker:
|
|
srvPort: 30001
|
|
hub:
|
|
srvPort: 8898
|
|
front:
|
|
port: 8899
|
|
host: 127.0.0.1
|
|
regex: .*
|
|
namespaces: []
|
|
excludedNamespaces: []
|
|
bpfOverride: ""
|
|
stopped: true
|
|
release:
|
|
repo: https://helm.kubeshark.co
|
|
name: kubeshark
|
|
namespace: default
|
|
persistentStorage: false
|
|
persistentStorageStatic: false
|
|
efsFileSytemIdAndPath: ""
|
|
storageLimit: 5000Mi
|
|
storageClass: standard
|
|
dryRun: false
|
|
resources:
|
|
hub:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1500Mi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
sniffer:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1500Mi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
tracer:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1500Mi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
serviceMesh: true
|
|
tls: true
|
|
disableTlsLog: false
|
|
packetCapture: best
|
|
ignoreTainted: false
|
|
labels: {}
|
|
annotations: {}
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: kubernetes.io/os
|
|
operator: In
|
|
values:
|
|
- linux
|
|
auth:
|
|
enabled: false
|
|
type: saml
|
|
saml:
|
|
idpMetadataUrl: ""
|
|
x509crt: ""
|
|
x509key: ""
|
|
roleAttribute: role
|
|
roles:
|
|
admin:
|
|
filter: ""
|
|
canDownloadPCAP: true
|
|
canUseScripting: true
|
|
canUpdateTargetedPods: true
|
|
canStopTrafficCapturing: true
|
|
showAdminConsoleLink: true
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
host: ks.svc.cluster.local
|
|
tls: []
|
|
annotations: {}
|
|
ipv6: true
|
|
debug: false
|
|
kernelModule:
|
|
enabled: false
|
|
image: kubeshark/pf-ring-module:all
|
|
unloadOnDestroy: false
|
|
telemetry:
|
|
enabled: true
|
|
resourceGuard:
|
|
enabled: false
|
|
sentry:
|
|
enabled: false
|
|
environment: production
|
|
defaultFilter: "!dns and !tcp and !udp and !icmp"
|
|
scriptingDisabled: false
|
|
targetedPodsUpdateDisabled: false
|
|
recordingDisabled: false
|
|
stopTrafficCapturingDisabled: false
|
|
capabilities:
|
|
networkCapture:
|
|
- NET_RAW
|
|
- NET_ADMIN
|
|
serviceMeshCapture:
|
|
- SYS_ADMIN
|
|
- SYS_PTRACE
|
|
- DAC_OVERRIDE
|
|
kernelModule:
|
|
- SYS_MODULE
|
|
ebpfCapture:
|
|
- SYS_ADMIN
|
|
- SYS_PTRACE
|
|
- SYS_RESOURCE
|
|
- IPC_LOCK
|
|
globalFilter: ""
|
|
enabledDissectors:
|
|
- amqp
|
|
- dns
|
|
- http
|
|
- icmp
|
|
- kafka
|
|
- redis
|
|
- sctp
|
|
- syscall
|
|
- tcp
|
|
- udp
|
|
- ws
|
|
- tls
|
|
metrics:
|
|
port: 49100
|
|
pprof:
|
|
enabled: false
|
|
port: 8000
|
|
view: flamegraph
|
|
misc:
|
|
jsonTTL: 5m
|
|
pcapTTL: 10s
|
|
pcapErrorTTL: 60s
|
|
trafficSampleRate: 100
|
|
tcpStreamChannelTimeoutMs: 10000
|
|
tcpStreamChannelTimeoutShow: false
|
|
resolutionStrategy: auto
|
|
duplicateTimeframe: 200ms
|
|
detectDuplicates: false
|
|
staleTimeoutSeconds: 30
|
|
logs:
|
|
file: ""
|
|
grep: ""
|
|
pcapdump:
|
|
enabled: true
|
|
timeInterval: 10m
|
|
maxTime: 1h
|
|
maxSize: 50MB
|
|
pcapSrcDir: pcapdump
|
|
kube:
|
|
configPath: ""
|
|
context: ""
|
|
dumpLogs: false
|
|
headless: false
|
|
license: ""
|
|
cloudLicenseEnabled: true
|
|
supportChatEnabled: true
|
|
internetConnectivity: true
|
|
dissectorsUpdatingEnabled: true
|
|
scripting:
|
|
env: {}
|
|
source: ""
|
|
watchScripts: true
|
|
timezone: ""
|