search

falcosecurity / falco-website

Source code of the official Falco website
https://falco.org
Creative Commons Attribution 4.0 International
35 stars 220 forks source link

update(docs): fixed command for running privileged ebpf falco docker. #1301

Closed terylt closed 6 months ago

terylt commented 6 months ago

The existing privileged docker command for running ebpf incorrectly tries to load the kmod, while running falco in ebpf mode. By adding an environment variable we force the container to load the ebpf probe. The command was also missing the falco cli.

What type of PR is this?

/kind bug

Any specific area of the project related to this PR?

/area documentation

What this PR does / why we need it:

It fixes the docker command for loading the ebpf version of falco. The current command errors in two ways:

  1. Since it doesn't have falco in it, docker incorrectly thinks the executable is -o
  2. The docker container loads the kmod probe, but falco is loaded in ebpf mode.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

poiana commented 6 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: LucaGuerra, terylt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[content/OWNERS](https://github.com/falcosecurity/falco-website/blob/master/content/OWNERS)~~ [LucaGuerra] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
poiana commented 6 months ago

LGTM label has been added.

Git tree hash: 383bd34b87e175ce07b597a9eedda351427fbb92