-
Notifications
You must be signed in to change notification settings - Fork 902
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot run falco in Minikube #1276
Comments
Hey @afbjorklund, I saw your commits (here) in the minikube repo (thanks, btw) to make it support Falco 0.23 and its driver. Any hints why minikube v1.11 is not able to find a "system" Falco driver? |
Not really, seemed to work here: minikube version
minikube version: v1.11.0
commit: 57e2f55f47effe9ce396cea42a1e0eb4f611ebbd
minikube ssh
_ _
_ _ ( ) ( )
___ ___ (_) ___ (_)| |/') _ _ | |_ __
/' _ ` _ `\| |/' _ `\| || , < ( ) ( )| '_`\ /'__`\
| ( ) ( ) || || ( ) || || |\`\ | (_) || |_) )( ___/
(_) (_) (_)(_)(_) (_)(_)(_) (_)`\___/'(_,__/'`\____)
$ sudo modprobe falco-probe
$ lsmod
Module Size Used by
falco_probe 630784 0
...
$ more /etc/os-release
NAME=Buildroot
VERSION=2019.02.10
ID=buildroot
VERSION_ID=2019.02.10
PRETTY_NAME="Buildroot 2019.02.10"
$ uname -r
4.19.107
$ ls /lib/modules/4.19.107/extra/falco-probe.ko
/lib/modules/4.19.107/extra/falco-probe.ko |
Probably due to ab722c3 and 762ef01 ? https://github.com/falcosecurity/falco/blob/0.23.0/CHANGELOG.md#major-changes
|
I think I understand what happened. Minikube v1.11.0 is still using falco-probe 0.21.0, and then it was called "falco-probe.ko" Minikube v1.12.0 (out next week or so) will use falco 0.23.0, and now it is called "falco.ko". Maybe I should rename the package ? |
@afbjorklund, thanks! Shell snippet from #1276 (comment) helped to get out of CrashLoopBackoff. I'll proceed evaluating falco then) |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. Issues labeled "cncf", "roadmap" and "help wanted" will not be automatically closed. Please refer to a maintainer to get such label added if you think this should be kept open. |
AFAIK it should work now. Could anybody confirm that, please? |
minikube version: v1.12.3 name: falco
|
Should update for 1.13 We still need a variable for the hardcoded tarball location, though. See #1034 (comment) ExternalProject_Add(
sysdig
URL "https://github.com/draios/sysdig/archive/${SYSDIG_VERSION}.tar.gz"
URL_HASH "${SYSDIG_CHECKSUM}"
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. Issues labeled "cncf", "roadmap" and "help wanted" will not be automatically closed. Please refer to a maintainer to get such label added if you think this should be kept open. |
Describe the bug
Falco fails to run in minikube. I have followed the guide https://falco.org/blog/minikube-falco-kernel-module/ and expected to have falco up and running in my minikube VM. However, while
helm install
command worked fine (at least without any errors), daemonset pod is failing to use prebuilt kernel module.How to reproduce it
Follow steps from guide: https://falco.org/blog/minikube-falco-kernel-module/
minikube start
. In my case kvm2 driver was usedkubectl create ns falco
helm --namespace falco install falco falcosecurity/falco
kubectl -n falco logs -l app=falco -f
Logs say the following:
Pay attention at lines
and
Expected behaviour
Pod successfuly ran. Logs are similar to one in blogpost. Module is downloaded and loaded.
Screenshots
Environment
0.23.0
Kubernetes, helm, https://falco.org/blog/minikube-falco-kernel-module/
The text was updated successfully, but these errors were encountered: