Open bmassemin opened 9 months ago
Can you check if the redis pod is up and running please?
❯ kubectl get pods -n falco
NAME READY STATUS RESTARTS AGE
falco-falcosidekick-5954875598-dmkwm 1/1 Running 0 3h22m
falco-falcosidekick-5954875598-tdp2x 1/1 Running 0 3h22m
falco-falcosidekick-ui-9896c86df-tbrlz 1/1 Running 3 (3h22m ago) 3h22m
falco-falcosidekick-ui-redis-0 1/1 Running 0 3h22m
falco-zl4nw 2/2 Running 0 3h22m
I was curious about the 3 restarts for falco-falcosidekick-ui-9896c86df-tbrlz
:
2023/11/28 10:38:55 [WARN] : Index does not exist
2023/11/28 10:38:55 [WARN] : Create Index
2023/11/28 10:38:55 dial tcp 10.3.101.247:6379: connect: connection refused
Looks like a transient error.
UPDATE: it was juste some restart while the pod was waiting for redis, so there's no error.
The restarts of the UI at the bootstrap are "normal", I will fix that with an initContainer asap.
In your case, I don't understand how you can have the deployment of the UI but not the enabling in Falcosidekick.
Can you check the secrets for Falcosidekick to see if the webui output is correctly set please.
There's no secret, and apparently that's because I use existingSecret: "falcosidekick-config"
to set the discord webhook url.
Removing that line resolve the issue.
Is there a way to set the webhook url through a secret without overriding the generated secret? Thanks.
If you use your own secret file you have to set up the settings for the Webui too, not just Discord. The existingSecret
overrides everything, can't mix for now.
Ok thanks, I'll copy paste the generated one in my secret, and I'll freeze the chart updates until we can mix configs.
Ok thanks, I'll copy paste the generated one in my secret, and I'll freeze the chart updates until we can mix configs.
I'm adding that in my todo then.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle rotten
/remove-lifecycle rotten
What are the variables I need to include in my own secret/env vars so the events make it to the UI? Im doing the same thing for a slack webhook url (using existingSecret) and trying to pass in:
falcosidekick:
enabled: true
environment:
- WEBUI_URL=http://myaddress:2802
- REDIS_DATABASE=0
- REDIS_KEY=falco
- REDIS_STORAGETYPE=list
But no dice. A lot of the other vars dont seem relevant.
Edit: for anyone who may run into issue. Setting the following helm values forwards to UI and you can use existingSecret for whatever else youre forwarding alerts to:
falcosidekick:
enabled: true
webui:
enabled: true
config:
extraEnv:
- name: WEBUI_URL
value: "http://myaddress:2802"
- name: REDIS_DATABASE
value: "0"
- name: REDIS_KEY
value: "falco"
- name: REDIS_STORAGETYPE
value: "list"
existingSecret: "my-external-secret"
/assign @Issif
Describe the bug
The chart is deployed successfully, the discord events are properly fired, but not the WebUI ones.
How to reproduce it
My helmfile:
Expected behaviour
Looking at the logs, I only see Discord events:
But I would have expected WebUI events too.
Screenshots
Environment
Linux falco-zl4nw 5.15.0-84-generic #93-Ubuntu SMP Tue Sep 5 17:16:10 UTC 2023 x86_64 GNU/Linux
Additional context