golang
/
flannel


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677
							#Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method.

apiVersion: v1
kind: ReplicationController                     
metadata:
  name: sysdig-agent
  labels:
    app: sysdig-agent
spec:
  replicas: 100             #REQUIRED - replace with the maximum number of slave nodes in the cluster
  template:
    spec:
      volumes:
      - name: docker-sock
        hostPath:
         path: /var/run/docker.sock
      - name: dev-vol
        hostPath:
         path: /dev
      - name: proc-vol
        hostPath:
         path: /proc
      - name: boot-vol
        hostPath:
         path: /boot
      - name: modules-vol
        hostPath:
         path: /lib/modules
      - name: usr-vol
        hostPath:
          path: /usr
      hostNetwork: true
      hostPID: true
      containers:
      - name: sysdig-agent
        image: sysdig/agent
        ports:
        - containerPort: 6666
          hostPort: 6666
        securityContext:
         privileged: true
        env:
        - name: ACCESS_KEY                                  #REQUIRED - replace with your Sysdig Cloud access key
          value: 8312341g-5678-abcd-4a2b2c-33bcsd655
#        - name: K8S_DELEGATED_NODE                         #OPTIONAL - only necessary when connecting remotely to API server
#          value: <DELEGATED NODE IP>
#        - name: K8S_API_URI                                #OPTIONAL - only necessary when connecting remotely to API server
#          value: "http[s]://[username:passwd@]host[:port]"
#        - name: TAGS                                       #OPTIONAL
#          value: linux:ubuntu,dept:dev,local:nyc 
#        - name: COLLECTOR                                  #OPTIONAL
#          value: 192.168.183.200 
#        - name: SECURE                                     #OPTIONAL        
#          value: false
#        - name: CHECK_CERTIFICATE                          #OPTIONAL
#          value: false
#        - name: ADDITIONAL_CONF                            #OPTIONAL
#          value: "app_checks:\n  - name: nginx\n    check_module: nginx\n    pattern:\n      comm: nginx\n    conf:\n      nginx_status_url: "http://localhost:{port}/nginx_status\""
        volumeMounts:
        - mountPath: /host/var/run/docker.sock
          name: docker-sock
          readOnly: false
        - mountPath: /host/dev
          name: dev-vol
          readOnly: false
        - mountPath: /host/proc
          name: proc-vol
          readOnly: true
        - mountPath: /host/boot
          name: boot-vol
          readOnly: true
        - mountPath: /host/lib/modules
          name: modules-vol
          readOnly: true
        - mountPath: /host/usr
          name: usr-vol
          readOnly: true