Falco 0.25.0-60+1efa4d3 - Segmentation fault (core dumped) when using K8s integration #1409
Labels
Milestone
Comments
|
The problem occurs even just sending SIGINT: |
leogr
changed the title
This was referenced Sep 18, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Falco version 0.25.0-60+1efa4d3 process exits (Segmentation fault (core dumped)) when using K8s integration.
How to reproduce it
Just deploying Falco on Kubernetes using the current
falcosecurity/falco:masterimage (version0.25.0-60+1efa4d3) . Then the container will restart since the Falco process is exiting.I also tried to manually run Falco from within the container, and I noticed the segfault:
root@falco-w9tcx:/# /usr/bin/falco --cri /run/containerd/containerd.sock -K /var/run/secrets/kubernetes.io/serviceaccount/token -k "https://$KUBERNETES_SERVICE_HOST" -pk Thu Sep 17 16:00:10 2020: Falco version 0.25.0-60+1efa4d3 (driver version 73554b9c48b06612eb50494ee6fa5b779c57edc0) Thu Sep 17 16:00:10 2020: Falco initialized with configuration file /etc/falco/falco.yaml Thu Sep 17 16:00:10 2020: Loading rules from file /etc/falco/falco_rules.yaml: Thu Sep 17 16:00:13 2020: Loading rules from file /etc/falco/falco_rules.local.yaml: Thu Sep 17 16:00:18 2020: Starting internal webserver, listening on port 8765 Segmentation fault (core dumped)It does not happen without the
-kflag.Expected behaviour
No segmentation fault.
Screenshots
Environment
0.25.0-60+1efa4d3Linux x1 5.8.9-arch2-1 #1 SMP PREEMPT Sun, 13 Sep 2020 23:44:55 +0000 x86_64 GNU/LinuxHelm chart or manual deployment on K8s (kind)
Additional context
Need further investigation.
The current version on the master branch misses this fix draios/sysdig#1686 which might be related to this issue.
The text was updated successfully, but these errors were encountered: