Falcon node sensor small resources rejected

[sivanov-nuodb]

The Falcon node sensor custom resource doesn't accept small resources allocation. For example, the below CR will fail:

apiVersion: falcon.crowdstrike.com/v1alpha1
kind: FalconNodeSensor
metadata:
  labels:
    crowdstrike.com/instance: falcon-node-sensor
    crowdstrike.com/managed-by: terraform
    crowdstrike.com/name: falconnodesensor
    crowdstrike.com/part-of: Falcon
    crowdstrike.com/provider: crowdstrike
  name: falcon-node-sensor
spec:
  falcon_api:
    client_id: "${CLIENT_ID}"
    client_secret: "${CLIENT_SECRET}"
    cloud_region: autodiscover
  node:
    resources:
      limits:
        cpu: 500m
        memory: 128Mi
      requests:
        cpu: 100m
        memory: 50Mi
  falcon:
    trace: none
    tags:
      - daemonset

The validation regex used validation are allowing certain ranges which seems to be too restrictive.

• memory^(([5-9][0-9]{2}[Mi]+)|([0-9.]+[iEGTP]+))|(([5-9][0-9]{8})|([0-9]{10,}))$
• cpu is ^(([0-9]{4,}|[2-9][5-9][0-9])m$)|[0-9]+$.

[redhatrises]

This is correct your values are too low and don't meet the requirement. Please configure them correctly.

[sivanov-nuodb]

What are the recommended resources for the falcon sensor pod? I still think that the regex is too restrictive. Does it make sense to configure CPU requests of 250m but not 500m?

[redhatrises]

We don't recommend setting resources at all. The minimums are 250m CPU and 500M memory.