k3s/examples/sysdig-cloud/sysdig-rc.yaml

#Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method.

apiVersion: v1
kind: ReplicationController                     
metadata:
  name: sysdig-agent
  labels:
    app: sysdig-agent
spec:
  replicas: 100             #REQUIRED - replace with the maximum number of slave nodes in the cluster
  template:
    spec:
      volumes:
      - name: docker-sock
        hostPath:
         path: /var/run/docker.sock
         type: Socket
      - name: dev-vol
        hostPath:
         path: /dev
      - name: proc-vol
        hostPath:
         path: /proc
      - name: boot-vol
        hostPath:
         path: /boot
      - name: modules-vol
        hostPath:
         path: /lib/modules
      - name: usr-vol
        hostPath:
          path: /usr
      hostNetwork: true
      hostPID: true
      containers:
      - name: sysdig-agent
        image: sysdig/agent
        ports:
        - containerPort: 6666
          hostPort: 6666
        securityContext:
         privileged: true
        env:
        - name: ACCESS_KEY                                  #REQUIRED - replace with your Sysdig Cloud access key
          value: 8312341g-5678-abcd-4a2b2c-33bcsd655
#        - name: K8S_DELEGATED_NODE                         #OPTIONAL - only necessary when connecting remotely to API server
#          value: <DELEGATED NODE IP>
#        - name: K8S_API_URI                                #OPTIONAL - only necessary when connecting remotely to API server
#          value: "http[s]://[username:passwd@]host[:port]"
#        - name: TAGS                                       #OPTIONAL
#          value: linux:ubuntu,dept:dev,local:nyc 
#        - name: COLLECTOR                                  #OPTIONAL
#          value: 192.168.183.200 
#        - name: SECURE                                     #OPTIONAL        
#          value: false
#        - name: CHECK_CERTIFICATE                          #OPTIONAL
#          value: false
#        - name: ADDITIONAL_CONF                            #OPTIONAL
#          value: "app_checks:\n  - name: nginx\n    check_module: nginx\n    pattern:\n      comm: nginx\n    conf:\n      nginx_status_url: "http://localhost:{port}/nginx_status\""
        volumeMounts:
        - mountPath: /host/var/run/docker.sock
          name: docker-sock
          readOnly: false
        - mountPath: /host/dev
          name: dev-vol
          readOnly: false
        - mountPath: /host/proc
          name: proc-vol
          readOnly: true
        - mountPath: /host/boot
          name: boot-vol
          readOnly: true
        - mountPath: /host/lib/modules
          name: modules-vol
          readOnly: true
        - mountPath: /host/usr
          name: usr-vol
          readOnly: true
Adding Sysdig Cloud example 2016-07-18 06:42:15 +00:00			`#Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method.`

			`apiVersion: v1`
			`kind: ReplicationController`
			`metadata:`
			`name: sysdig-agent`
			`labels:`
			`app: sysdig-agent`
			`spec:`
			`replicas: 100 #REQUIRED - replace with the maximum number of slave nodes in the cluster`
			`template:`
			`spec:`
			`volumes:`
			`- name: docker-sock`
			`hostPath:`
			`path: /var/run/docker.sock`
update related files 2017-06-18 13:34:24 +00:00			`type: Socket`
Adding Sysdig Cloud example 2016-07-18 06:42:15 +00:00			`- name: dev-vol`
			`hostPath:`
			`path: /dev`
			`- name: proc-vol`
			`hostPath:`
			`path: /proc`
			`- name: boot-vol`
			`hostPath:`
			`path: /boot`
			`- name: modules-vol`
			`hostPath:`
			`path: /lib/modules`
			`- name: usr-vol`
			`hostPath:`
			`path: /usr`
			`hostNetwork: true`
			`hostPID: true`
			`containers:`
			`- name: sysdig-agent`
			`image: sysdig/agent`
			`ports:`
			`- containerPort: 6666`
			`hostPort: 6666`
			`securityContext:`
			`privileged: true`
			`env:`
			`- name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key`
			`value: 8312341g-5678-abcd-4a2b2c-33bcsd655`
			`# - name: K8S_DELEGATED_NODE #OPTIONAL - only necessary when connecting remotely to API server`
			`# value: <DELEGATED NODE IP>`
			`# - name: K8S_API_URI #OPTIONAL - only necessary when connecting remotely to API server`
			`# value: "http[s]://[username:passwd@]host[:port]"`
			`# - name: TAGS #OPTIONAL`
			`# value: linux:ubuntu,dept:dev,local:nyc`
			`# - name: COLLECTOR #OPTIONAL`
			`# value: 192.168.183.200`
			`# - name: SECURE #OPTIONAL`
			`# value: false`
			`# - name: CHECK_CERTIFICATE #OPTIONAL`
			`# value: false`
			`# - name: ADDITIONAL_CONF #OPTIONAL`
			`# value: "app_checks:\n - name: nginx\n check_module: nginx\n pattern:\n comm: nginx\n conf:\n nginx_status_url: "http://localhost:{port}/nginx_status\""`
			`volumeMounts:`
			`- mountPath: /host/var/run/docker.sock`
			`name: docker-sock`
			`readOnly: false`
			`- mountPath: /host/dev`
			`name: dev-vol`
			`readOnly: false`
			`- mountPath: /host/proc`
			`name: proc-vol`
			`readOnly: true`
			`- mountPath: /host/boot`
			`name: boot-vol`
			`readOnly: true`
			`- mountPath: /host/lib/modules`
			`name: modules-vol`
			`readOnly: true`
			`- mountPath: /host/usr`
			`name: usr-vol`
addressed comments 2016-07-23 00:22:46 +00:00			`readOnly: true`