Skip to content

Commit

Permalink
rewrite node-agent config
Browse files Browse the repository at this point in the history
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
  • Loading branch information
matthyx committed Jul 5, 2023
1 parent 2f88868 commit 99bc3ae
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 32 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.nodeAgent.config.name }}
name: {{ .Values.nodeAgent.name }}
namespace: {{ .Values.ksNamespace }}
data:
ConfigurationFile.json: |
config.json: |
{
"sniffer": {
"services": [
{
"Name": "relevantCVEs"
}
],
"maxSniffingTimePerContainer": {{ .Values.nodeAgent.config.maxLearningPeriod }}
},
"falcoEbpfEngine": {
"kernelObjPath": "/root/.falco/falco-bpf.o",
"ebpfEngineLoaderPath": "/etc/node-agent/resources/ebpf/falco/userspace_app"
},
"node": {
"name": ""
},
"db": {
"updateDataPeriod": {{ .Values.nodeAgent.config.learningPeriod }}
},
"clusterName": "{{ regexReplaceAll "\\W+" .Values.clusterName "-" }}",
"accountID": "{{ .Values.account }}"
"relevantCVEServiceEnabled": true,
"maxSniffingTimePerContainer": "{{ .Values.nodeAgent.config.maxLearningPeriod }}",
"updateDataPeriod": "{{ .Values.nodeAgent.config.learningPeriod }}"
}
{{- end }}
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,18 @@ spec:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
volumes:
- name: {{ .Values.global.cloudConfig }}
configMap:
name: {{ .Values.global.cloudConfig }}
items:
- key: "clusterData"
path: "clusterData.json"
- name: config
configMap:
name: {{ .Values.nodeAgent.name }}
items:
- key: "config.json"
path: "config.json"
{{- range .Values.nodeAgent.volumes }}
- name: {{ .name }}
{{- if .configMap }}
Expand Down Expand Up @@ -121,6 +133,14 @@ spec:
add:
- SYS_ADMIN
volumeMounts:
- name: {{ .Values.global.cloudConfig }}
mountPath: /etc/config/clusterData.json
readOnly: true
subPath: "clusterData.json"
- name: config
mountPath: /etc/config/config.json
readOnly: true
subPath: "config.json"
{{- range .Values.nodeAgent.containers.nodeAgent.volumeMounts }}
- mountPath: {{ .mountPath }}
name: {{ .name }}
Expand Down
15 changes: 5 additions & 10 deletions charts/kubescape-cloud-operator/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -570,9 +570,8 @@ nodeAgent:
name: "node-agent"

config:
name: node-agent-config-map
maxLearningPeriod: 180 # minutes
learningPeriod: 2 # minutes
maxLearningPeriod: 3h
learningPeriod: 2m

resources:
requests:
Expand Down Expand Up @@ -610,20 +609,16 @@ nodeAgent:
containers:
nodeAgent:
name: node-agent
image:
image:
repository: quay.io/matthiasb_1/node-agent
tag: inspektor
tag: rewrite
pullPolicy: Always
env:
- name: CONFIG_ENV_VAR
value: "/etc/node-agent/configuration/ConfigurationFile.json"
env:
- name: NodeName
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- mountPath: /etc/node-agent/configuration
name: configmap-volume
- mountPath: /host
name: host
- mountPath: /run
Expand Down

0 comments on commit 99bc3ae

Please sign in to comment.