-
Notifications
You must be signed in to change notification settings - Fork 51
/
Copy pathkubehound.yaml
73 lines (59 loc) · 1.67 KB
/
kubehound.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#
# Default KubeHound configuration
# NOTE: this is optimized for smaller clusters of 1-2k pods
#
# K8s collector configuration
collector:
# Type of collector to use
type: live-k8s-api-collector
# Live collector configuration
live:
# Rate limit of requests/second to the Kubernetes API
rate_limit_per_second: 50
# General storage configuration
storage:
# Number of connection retries before declaring an error
retry: 5
# Delay between connection retries
retry_delay: 10s
# Store database configuration
mongodb:
# Connection URL to the mongo DB instance
url: "mongodb://localhost:27017"
# Timeout on requests to the mongo DB instance
connection_timeout: 30s
# Graph database configuration
janusgraph:
# Connection URL to the JanusGraph DB instance
url: "ws://localhost:8182/gremlin"
# Timeout on requests to the JanusGraph DB instance
connection_timeout: 30s
# Graph builder configuration
builder:
# Vertex builder configuration
vertex:
# Batch size for vertex inserts
batch_size: 500
# Edge builder configuration
edge:
worker_pool_size: 2
# Batch size for edge inserts
batch_size: 500
# Cluster impact batch size for edge inserts
batch_size_cluster_impact: 10
# Enable for large clusters to prevent number of edges growing exponentially
large_cluster_optimizations: true
# Ingestor configuration (for KHaaS)
ingestor:
blob:
# (i.e.: s3://<your-bucket>)
bucket: ""
# (i.e.: us-east-1)
region: ""
temp_dir: "/tmp/kubehound"
archive_name: "archive.tar.gz"
max_archive_size: 2147483648 # 2GB
# GRPC endpoint for the ingestor
api:
endpoint: "127.0.0.1:9000"
insecure: true