github.com/qsunny/k8s@v0.0.0-20220101153623-e6dca256d5bf/examples-master/staging/sysdig-cloud/sysdig-daemonset.yaml

github.com/qsunny/k8s@v0.0.0-20220101153623-e6dca256d5bf/examples-master/staging/sysdig-cloud/sysdig-daemonset.yaml (about)

     1  #Use this sysdig.yaml when Daemon Sets are enabled on Kubernetes (minimum version 1.1.1). Otherwise use the RC method.
     2  
     3  apiVersion: apps/v1  #for k8s versions before 1.9.0 use apps/v1beta2  and before 1.8.0 use extensions/v1beta1
     4  kind: DaemonSet
     5  metadata:
     6    name: sysdig-agent
     7    labels:
     8      app: sysdig-agent
     9  spec:
    10    selector:
    11      matchLabels:
    12        name: sysdig-agent
    13    template:
    14      metadata:
    15        labels:
    16          name: sysdig-agent
    17      spec:
    18        volumes:
    19        - name: docker-sock
    20          hostPath:
    21           path: /var/run/docker.sock
    22           type: Socket
    23        - name: dev-vol
    24          hostPath:
    25           path: /dev
    26        - name: proc-vol
    27          hostPath:
    28           path: /proc
    29        - name: boot-vol
    30          hostPath:
    31           path: /boot
    32        - name: modules-vol
    33          hostPath:
    34           path: /lib/modules
    35        - name: usr-vol
    36          hostPath:
    37            path: /usr
    38        hostNetwork: true
    39        hostPID: true
    40        containers:
    41        - name: sysdig-agent
    42          image: sysdig/agent
    43          securityContext:
    44           privileged: true
    45          env:
    46          - name: ACCESS_KEY                                  #REQUIRED - replace with your Sysdig Cloud access key
    47            value: 8312341g-5678-abcd-4a2b2c-33bcsd655
    48  #        - name: TAGS                                       #OPTIONAL
    49  #          value: linux:ubuntu,dept:dev,local:nyc
    50  #        - name: COLLECTOR                                  #OPTIONAL - on-prem install only
    51  #          value: 192.168.183.200
    52  #        - name: SECURE                                     #OPTIONAL - on-prem install only
    53  #          value: false
    54  #        - name: CHECK_CERTIFICATE                          #OPTIONAL - on-prem install only
    55  #          value: false
    56  #        - name: ADDITIONAL_CONF                            #OPTIONAL pass additional parameters to the agent such as authentication example provided here
    57  #          value: "k8s_uri: https://myacct:mypass@localhost:4430\nk8s_ca_certificate: k8s-ca.crt\nk8s_ssl_verify_certificate: true"
    58          volumeMounts:
    59          - mountPath: /host/var/run/docker.sock
    60            name: docker-sock
    61            readOnly: false
    62          - mountPath: /host/dev
    63            name: dev-vol
    64            readOnly: false
    65          - mountPath: /host/proc
    66            name: proc-vol
    67            readOnly: true
    68          - mountPath: /host/boot
    69            name: boot-vol
    70            readOnly: true
    71          - mountPath: /host/lib/modules
    72            name: modules-vol
    73            readOnly: true
    74          - mountPath: /host/usr
    75            name: usr-vol
    76            readOnly: true