search

draios / instruqt-assets

3 stars 3 forks source link

Kubeadm cluster support #88

Closed pabloopez closed 1 year ago

pabloopez commented 1 year ago

Add support to deploy as an option the Sysdig Agent with Helm in our k8s-based Instruqt environments.

This is required for Compliance training, support to use KSPM in our k3s cluster is not guaranteed, I prefer to run the new labs for compliance directly in our kubeadmin k8s cluster and avoid any issue due to not being compatible.

pmusa commented 1 year ago

I see a request for me to review, but this is still in draft. Should I review it?

pabloopez commented 1 year ago

No, is a draft. But yes, I'll ask you to review when this is ready.

pabloopez commented 1 year ago

Testing this now, looks like it works fine:

sysdig-agent   sysdig-agent-22wv5                            1/1     Running   0          2m38s
sysdig-agent   sysdig-agent-5q26m                            1/1     Running   0          2m38s
sysdig-agent   sysdig-agent-kspmcollector-858994c89d-wjbrw   1/1     Running   0          2m38s
sysdig-agent   sysdig-agent-node-analyzer-2xt7z              4/4     Running   0          2m38s
sysdig-agent   sysdig-agent-node-analyzer-rknrf              4/4     Running   0          2m38s

And logs for the kspm component:

root@controlplane:~# k logs -n sysdig-agent sysdig-agent-kspmcollector-858994c89d-wjbrw
2023/05/16 10:57:38 maxprocs: Updating GOMAXPROCS=1: using minimum allowed GOMAXPROCS
{"level":"info","ts":"2023-05-16T10:57:38.839Z","msg":"Starting up","agent":"collector","cluster":"insq_2023-05-16__12_57","node":"","buildVersion":"1.22.0","platform":"Vanilla (1.20)","runtime":"linux/amd64"}
{"level":"info","ts":"2023-05-16T10:57:38.839Z","caller":"nats/broker.go:183","msg":"Subscribing","name":"collector-insq_2023-05-16__12_57","subject":"agent.26067.653450653341000f496b9609080ab0c5.collector","queue":"collector","options":{"Parallelism":1,"PendingBytesLimit":0}}
{"level":"info","ts":"2023-05-16T10:58:52.712Z","msg":"Received a new message","agent":"collector","cluster":"insq_2023-05-16__12_57","node":"","msg":"taskID:406639  clusterID:\"insq_2023-05-16__12_57\"  action:Start  resultTopic:\"agent.26067.workload.results\""}
{"level":"info","ts":"2023-05-16T10:58:52.726Z","msg":"Starting scan","agent":"collector","cluster":"insq_2023-05-16__12_57","node":"","msg":"agent.26067.653450653341000f496b9609080ab0c5.collector","taskId":406639,"clusterId":"insq_2023-05-16__12_57"}
I0516 10:58:53.978763       1 request.go:665] Waited for 1.005004607s due to client-side throttling, not priority and fairness, request: GET:https://10.96.0.1:443/apis/apps/v1/namespaces/kube-system/daemonsets
{"level":"info","ts":"2023-05-16T10:58:54.777Z","msg":"Sending a final batch of results","agent":"collector","cluster":"insq_2023-05-16__12_57","node":"","taskID":406639,"objectCount":200,"batchSizeBytes":244137}
{"level":"info","ts":"2023-05-16T10:58:54.789Z","msg":"Scan completed","agent":"collector","cluster":"insq_2023-05-16__12_57","node":"","msg":"agent.26067.653450653341000f496b9609080ab0c5.collector","taskId":406639,"clusterId":"insq_2023-05-16__12_57"}
pabloopez commented 1 year ago

ty