Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds falco-driver-loader 0.38.2 rock #13

Merged
merged 1 commit into from
Oct 4, 2024
Merged

Adds falco-driver-loader 0.38.2 rock #13

merged 1 commit into from
Oct 4, 2024

Conversation

claudiubelu
Copy link
Contributor

@claudiubelu claudiubelu commented Oct 2, 2024
edited
Loading

The falco-driver-loader image is just the falco image with a different entrypoint.

Note that Pebble doesn't like it when a process finishes too quickly. Which is why we're adding a sleep workaround for this rock image, as it is expected for the image workload to eventually end.

Adds falco-driver-loader usage to the integration test. We also need to set the "driver.kind=modern_ebpf" Helm chart option, in order for the falco-driver-loader init container to properly run. By default, it will try to autodetect the right driver, but it will fail when trying to use the kmod driver (insmod will fail with "Operation not permitted"), but the script exit code is still 0, meaning that the init container "successfully" finishes, which results in the workload container to not start properly.

@claudiubelu claudiubelu marked this pull request as draft October 2, 2024 08:53
@claudiubelu claudiubelu force-pushed the adds-falco-driver-loader-rock branch from c66079a to 97953b8 Compare October 3, 2024 12:18
@claudiubelu claudiubelu marked this pull request as ready for review October 3, 2024 12:19
bschimke95
bschimke95 approved these changes Oct 4, 2024
View reviewed changes
Copy link
Collaborator

@bschimke95 bschimke95 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, please rebase then we can merge

@claudiubelu
Adds falco-driver-loader 0.38.2 rock
cd64bf6 
The falco-driver-loader is just the falco image with a different
entrypoint.

Note that Pebble doesn't like it when a process finishes too quickly.
Which is why we're adding a sleep workaround for this rock image, as
it is expected for the image workload to eventually end.

Adds falco-driver-loader usage to the integration test. We also need to
set the "driver.kind=modern_ebpf" Helm chart option, in order for the
falco-driver-loader init container to properly run. By default, it will
try to autodetect the right driver, but it will fail when trying to use
the kmod driver (insmod will fail with "Operation not permitted"), but
the script exit code is still 0, meaning that the init container "successfully"
finishes, which results in the workload container to not start properly.
@claudiubelu claudiubelu force-pushed the adds-falco-driver-loader-rock branch from 97953b8 to cd64bf6 Compare October 4, 2024 07:44
@claudiubelu claudiubelu requested a review from a team as a code owner October 4, 2024 07:44
@claudiubelu
Copy link
Contributor Author

LGTM, please rebase then we can merge

rebased.

@claudiubelu claudiubelu merged commit e4eb6f3 into canonical:main Oct 4, 2024
5 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bschimke95 bschimke95 bschimke95 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@claudiubelu @bschimke95