falcosecurity-retire / falco-operator
Kubernetes operator for Falco that allows developers to manage rules for detecting intruders and backdoors
License: Apache License 2.0
This is my fault :D I will supply the patch tomorrow.
At the moment, the operator is deployed using the helm tiller plugin. Not everyone has helm or the tiller plugin installed.
Is there another user experience deploying operators like:
$ kubectl create -f https://coreos.com/operators/etcd/latest/deployment.yaml
$ kubectl create -f https://coreos.com/operators/prometheus/latest/prometheus-operator.yaml
The point is that the fewer external dependencies we have, the better for getting more people involved in using and contributing to Falco, so I think that using just kubectl like etcd or prometheus would be awesome.
Thanks!
Right now, the repository is hosted under the falcosecurity organization and the Golang import statements refer to mumoshu.
This should be fixed for compiling the operator.
Thanks!
A new release of Falco happened a few days ago. The Helm chart will be bumped in a few days and then, we should use the latest version of Falco.
Thanks!
What to document
Some information in the README.md should be fixed:
In daemonset.yaml line 155 configmap name falco-operator is used, but it may actually be created under different name so the correct here would be {{ template "falco.fullname" . }} just like it is used in configmap.yaml.
Hi @mumoshu,
thanks for contributing an operator for falco!
During our first test we discovered some issues I would like to share.
To get falco-operator running we had to:
v0.12.1
=> to look like: 0.12.1
in these files (related: #2):
charts/falco-operator/values.yaml
deploy/operator.yaml
deploy/operator.yaml
to use operator generated resource name for configMap:
- name: falco-operator-rules
  configMap:
    name: falco-operator

- name: falco-operator-rules
  configMap:
    name: {{ template "falco.fullname" . }}
k apply --namespace falco -f deploy/crd.yaml
k apply --namespace falco -f deploy/cr.yaml
Our complete walk through (which may be helpful for others to get started) including requirements, encountered errors and fixes for them:
falco-operator-install-walkthrough.md
Motivation
Feature
Can we please rename this project to falco-rules-operator
so that we can use this name for an officially supported install operator?
Alternatives
Keep this name the same for backward compatibility reasons, and find a new name for the new operator.
Additional context
Motivation
Current API Version is mumoshu.github.io/v1alpha1, but this doesn't represent the current state of the project well.
Feature
Change the API Group to something like falco.security.cncf.io or whatever would be consistent with other CNCF projects. The sooner this gets in, the smoother the future updates will be.
In DockerHub, there is a falco-operator image which has the 0.12.1 tag. But in the Makefile and in the deployment manifests the tag value is v0.12.1.
AFAIK, the convention followed for Falco is to use vX.XX.X for git tag name and use just X.XX.X for images uploaded to DockerHub.
So I think this should be fixed because otherwise an ErrImagePull is received.
Thanks!
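A check for the tag mismatch described above, as an added example that is not part of the original issue or the project's own tooling: it derives the image tag from a git tag by dropping the leading v and lists every falco-operator image reference in the given files that carries a different tag. The registry host example.invalid and the manifest contents are constructed, and only repository:tag references written on one line are inspected.

```shell
#!/bin/sh
# Added example (not project code): catch image tags that do not follow
# the "git tag vX.Y.Z, image tag X.Y.Z" convention before they are deployed.

# image_tag_for GIT_TAG: strip one leading "v" from the git tag.
image_tag_for() {
    printf '%s\n' "${1#v}"
}

# find_bad_tags IMAGE EXPECTED_TAG FILE...
# Prints "file:line: tag" for each reference to IMAGE whose tag differs
# from EXPECTED_TAG. Returns 1 if at least one mismatch was found.
find_bad_tags() {
    image=$1; expected=$2; shift 2
    awk -v image="$image" -v expected="$expected" '
        {
            line = $0
            # Plain substring search, so dots in the name are not regex wildcards.
            while ((i = index(line, image ":")) > 0) {
                rest = substr(line, i + length(image) + 1)
                match(rest, /^[A-Za-z0-9_.-]+/)
                tag = substr(rest, 1, RLENGTH)   # empty if nothing follows ":"
                if (tag != expected) {
                    printf "%s:%d: %s\n", FILENAME, FNR, tag
                    bad = 1
                }
                line = rest
            }
        }
        END { exit bad ? 1 : 0 }
    ' "$@"
}

# Demo on a constructed manifest fragment (hypothetical registry host).
demo_dir=$(mktemp -d)
cat > "$demo_dir/operator.yaml" <<'EOF'
spec:
  containers:
  - name: falco-operator
    image: example.invalid/falco-operator:v0.12.1
EOF
want=$(image_tag_for v0.12.1)
find_bad_tags falco-operator "$want" "$demo_dir/operator.yaml" \
    || echo "image tag mismatch: expected $want"
rm -rf "$demo_dir"
```

Run in CI with the release's git tag, a non-zero return from find_bad_tags fails the build instead of the pod failing later with ErrImagePull.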
Falco now accepts SIGHUP that triggers a restart. Use it so that falco-operator takes less time to restart falco, and therefore has fewer chances to miss events.