Add /etc mount for falco container (#475)

falcosecurity · Jan 24, 2019 · ec07f7c · ec07f7c
1 parent b8a25c6
commit ec07f7c
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/integrations/k8s-using-daemonset/k8s-with-rbac/falco-daemonset-configmap.yaml b/integrations/k8s-using-daemonset/k8s-with-rbac/falco-daemonset-configmap.yaml
@@ -18,6 +18,13 @@ spec:
           image: falcosecurity/falco:latest
           securityContext:
             privileged: true
+# Uncomment the 3 lines below to enable eBPF support for Falco.
+# This allows Falco to run on Google COS.
+# Leave blank for the default probe location, or set to the path
+# of a precompiled probe.
+#          env:
+#          - name: SYSDIG_BPF_PROBE
+#            value: ""
           args: [ "/usr/bin/falco", "-K", "/var/run/secrets/kubernetes.io/serviceaccount/token", "-k", "https://kubernetes.default", "-pk"]
           volumeMounts:
             - mountPath: /host/var/run/docker.sock
@@ -36,6 +43,9 @@ spec:
             - mountPath: /host/usr
               name: usr-fs
               readOnly: true
+            - mountPath: /host/etc/
+              name: etc-fs
+              readOnly: true
             - mountPath: /etc/falco
               name: falco-config
       volumes:
@@ -57,6 +67,9 @@ spec:
         - name: usr-fs
           hostPath:
             path: /usr
+        - name: etc-fs
+          hostPath:
+            path: /etc
         - name: falco-config
           configMap:
             name: falco-config