From 4f795cbcfac0c9cfb4fbb5c9ae5402061b84a15d Mon Sep 17 00:00:00 2001
From: Anastasios Papagiannis
Date: Wed, 29 May 2024 08:20:28 +0000
Subject: [PATCH] [helm] Export health server configuration

This patch allows the user to configure the gRPC health server through helm.

Signed-off-by: Anastasios Papagiannis
---
 docs/content/en/docs/reference/helm-chart.md | 3 +++
 install/kubernetes/tetragon/README.md | 3 +++
 .../kubernetes/tetragon/templates/_container_tetragon.tpl | 2 +-
 .../kubernetes/tetragon/templates/tetragon_configmap.yaml | 6 ++++++
 install/kubernetes/tetragon/values.yaml | 7 +++++++
 5 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/docs/content/en/docs/reference/helm-chart.md b/docs/content/en/docs/reference/helm-chart.md
index cdb0231ac4d..c223ce2669b 100644
--- a/docs/content/en/docs/reference/helm-chart.md
+++ b/docs/content/en/docs/reference/helm-chart.md
@@ -78,6 +78,9 @@ To use [the values available](#values), with `helm install` or `helm upgrade`, u
 | tetragon.gops.port | int | `8118` | The port at which to expose gops. |
 | tetragon.grpc.address | string | `"localhost:54321"` | The address at which to expose gRPC. Examples: localhost:54321, unix:///var/run/tetragon/tetragon.sock |
 | tetragon.grpc.enabled | bool | `true` | Whether to enable exposing Tetragon gRPC. |
+| tetragon.healthGrpc.enabled | bool | `true` | Whether to enable health gRPC server. |
+| tetragon.healthGrpc.interval | int | `10` | The interval at which to check the health of the agent. |
+| tetragon.healthGrpc.port | int | `6789` | The port at which to expose health gRPC. |
 | tetragon.hostProcPath | string | `"/proc"` | Location of the host proc filesystem in the runtime environment. If the runtime runs in the host, the path is /proc. Exceptions to this are environments like kind, where the runtime itself does not run on the host. |
 | tetragon.image.override | string | `nil` | |
 | tetragon.image.repository | string | `"quay.io/cilium/tetragon"` | |
diff --git a/install/kubernetes/tetragon/README.md b/install/kubernetes/tetragon/README.md
index ad0c7bcd000..599741e0d01 100644
--- a/install/kubernetes/tetragon/README.md
+++ b/install/kubernetes/tetragon/README.md
@@ -60,6 +60,9 @@ Helm chart for Tetragon
 | tetragon.gops.port | int | `8118` | The port at which to expose gops. |
 | tetragon.grpc.address | string | `"localhost:54321"` | The address at which to expose gRPC. Examples: localhost:54321, unix:///var/run/tetragon/tetragon.sock |
 | tetragon.grpc.enabled | bool | `true` | Whether to enable exposing Tetragon gRPC. |
+| tetragon.healthGrpc.enabled | bool | `true` | Whether to enable health gRPC server. |
+| tetragon.healthGrpc.interval | int | `10` | The interval at which to check the health of the agent. |
+| tetragon.healthGrpc.port | int | `6789` | The port at which to expose health gRPC. |
 | tetragon.hostProcPath | string | `"/proc"` | Location of the host proc filesystem in the runtime environment. If the runtime runs in the host, the path is /proc. Exceptions to this are environments like kind, where the runtime itself does not run on the host. |
 | tetragon.image.override | string | `nil` | |
 | tetragon.image.repository | string | `"quay.io/cilium/tetragon"` | |
diff --git a/install/kubernetes/tetragon/templates/_container_tetragon.tpl b/install/kubernetes/tetragon/templates/_container_tetragon.tpl
index 3ce0609ec74..fa2d0e0af58 100644
--- a/install/kubernetes/tetragon/templates/_container_tetragon.tpl
+++ b/install/kubernetes/tetragon/templates/_container_tetragon.tpl
@@ -71,7 +71,7 @@
 livenessProbe:
 timeoutSeconds: 60
 grpc:
- port: 6789
+ port: {{ .Values.tetragon.healthGrpc.port }}
 service: "liveness"
 {{- end -}}
 {{- end -}}
diff --git a/install/kubernetes/tetragon/templates/tetragon_configmap.yaml b/install/kubernetes/tetragon/templates/tetragon_configmap.yaml
index c3e36cfc095..765e80b26c5 100644
--- a/install/kubernetes/tetragon/templates/tetragon_configmap.yaml
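Review bot: In `_container_tetragon.tpl` the liveness probe now targets `{{ .Values.tetragon.healthGrpc.port }}`, but nothing visible in this hunk ties the probe to `tetragon.healthGrpc.enabled`. With `enabled: false` the configmap in this same patch renders `health-server-address: ""`, so unless the condition above the hunk already accounts for it, the kubelet would probe a port nobody listens on and keep restarting the agent, leaving the node without Tetragon's runtime visibility. The `if`/`else if` that opens this block starts outside the hunk; it should also require `.Values.tetragon.healthGrpc.enabled`, or the probe should be omitted when the health server is off.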
+++ b/install/kubernetes/tetragon/templates/tetragon_configmap.yaml
@@ -44,6 +44,12 @@ data:
 server-address: {{ .Values.tetragon.grpc.address }}
 {{- else }}
 {{- end }}
+{{- if .Values.tetragon.healthGrpc.enabled }}
+ health-server-address: :{{ .Values.tetragon.healthGrpc.port }}
+ health-server-interval: {{ .Values.tetragon.healthGrpc.interval | quote }}
+{{- else }}
+ health-server-address: ""
+{{- end }}
 {{- if .Values.tetragon.tcpStatsSampleSegs }}
 tcp-stats-sample-segs: {{ .Values.tetragon.tcpStatsSampleSegs | quote }}
 {{- end }}
diff --git a/install/kubernetes/tetragon/values.yaml b/install/kubernetes/tetragon/values.yaml
index d113a0d63ba..fe4db85d3e6 100644
--- a/install/kubernetes/tetragon/values.yaml
+++ b/install/kubernetes/tetragon/values.yaml
@@ -193,6 +193,13 @@ tetragon:
 enablePolicyFilterDebug: false
 # -- Enable latency monitoring in message handling
 enableMsgHandlingLatency: false
+ healthGrpc:
+ # -- Whether to enable health gRPC server.
+ enabled: true
+ # -- The port at which to expose health gRPC.
+ port: 6789
+ # -- The interval at which to check the health of the agent.
+ interval: 10
 # -- Location of the host proc filesystem in the runtime environment. If the runtime runs in the
 # host, the path is /proc. Exceptions to this are environments like kind, where the runtime itself
 # does not run on the host.
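Review bot: `health-server-address: :{{ .Values.tetragon.healthGrpc.port }}` in `tetragon_configmap.yaml` renders an address with no host part, so the health server presumably listens on every interface, unlike the main gRPC server whose chart default is `localhost:54321`. If the agent pod shares the host network namespace (not visible here), the chosen port is then reachable on the node's addresses, which deserves a sentence in the value's description so operators can restrict access to it. The value is also emitted unquoted while the interval right below is piped through `quote`; `health-server-address: {{ printf ":%v" .Values.tetragon.healthGrpc.port | quote }}` keeps the two lines consistent and guarantees a string scalar.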
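Review bot: The `interval` comment in `values.yaml` gives no unit, and the `port` comment does not mention that the liveness probe in `_container_tetragon.tpl` follows the same value. These `# --` comments appear to be the source of the tables in the two documentation files touched by this patch, so I would spell both out, e.g. `# -- The interval, in seconds, at which to check the health of the agent.` (assuming seconds is what the agent expects; confirm against the flag's help text) and `# -- The port at which to expose health gRPC; the liveness probe uses the same port.`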