github.com/qsunny/k8s@v0.0.0-20220101153623-e6dca256d5bf/examples-master/staging/sysdig-cloud/sysdig-rc.yaml

github.com/qsunny/k8s@v0.0.0-20220101153623-e6dca256d5bf/examples-master/staging/sysdig-cloud/sysdig-rc.yaml (about)

     1  #Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method.
     2  
     3  apiVersion: v1
     4  kind: ReplicationController                     
     5  metadata:
     6    name: sysdig-agent
     7    labels:
     8      app: sysdig-agent
     9  spec:
    10    replicas: 100             #REQUIRED - replace with the maximum number of slave nodes in the cluster
    11    template:
    12      spec:
    13        volumes:
    14        - name: docker-sock
    15          hostPath:
    16           path: /var/run/docker.sock
    17           type: Socket
    18        - name: dev-vol
    19          hostPath:
    20           path: /dev
    21        - name: proc-vol
    22          hostPath:
    23           path: /proc
    24        - name: boot-vol
    25          hostPath:
    26           path: /boot
    27        - name: modules-vol
    28          hostPath:
    29           path: /lib/modules
    30        - name: usr-vol
    31          hostPath:
    32            path: /usr
    33        hostNetwork: true
    34        hostPID: true
    35        containers:
    36        - name: sysdig-agent
    37          image: sysdig/agent
    38          ports:
    39          - containerPort: 6666
    40            hostPort: 6666
    41          securityContext:
    42           privileged: true
    43          env:
    44          - name: ACCESS_KEY                                  #REQUIRED - replace with your Sysdig Cloud access key
    45            value: 8312341g-5678-abcd-4a2b2c-33bcsd655
    46  #        - name: K8S_DELEGATED_NODE                         #OPTIONAL - only necessary when connecting remotely to API server
    47  #          value: <DELEGATED NODE IP>
    48  #        - name: K8S_API_URI                                #OPTIONAL - only necessary when connecting remotely to API server
    49  #          value: "http[s]://[username:passwd@]host[:port]"
    50  #        - name: TAGS                                       #OPTIONAL
    51  #          value: linux:ubuntu,dept:dev,local:nyc 
    52  #        - name: COLLECTOR                                  #OPTIONAL
    53  #          value: 192.168.183.200 
    54  #        - name: SECURE                                     #OPTIONAL        
    55  #          value: false
    56  #        - name: CHECK_CERTIFICATE                          #OPTIONAL
    57  #          value: false
    58  #        - name: ADDITIONAL_CONF                            #OPTIONAL
    59  #          value: "app_checks:\n  - name: nginx\n    check_module: nginx\n    pattern:\n      comm: nginx\n    conf:\n      nginx_status_url: "http://localhost:{port}/nginx_status\""
    60          volumeMounts:
    61          - mountPath: /host/var/run/docker.sock
    62            name: docker-sock
    63            readOnly: false
    64          - mountPath: /host/dev
    65            name: dev-vol
    66            readOnly: false
    67          - mountPath: /host/proc
    68            name: proc-vol
    69            readOnly: true
    70          - mountPath: /host/boot
    71            name: boot-vol
    72            readOnly: true
    73          - mountPath: /host/lib/modules
    74            name: modules-vol
    75            readOnly: true
    76          - mountPath: /host/usr
    77            name: usr-vol
    78            readOnly: true