From 3baa94baafc3145e587825dade7364eb21a21985 Mon Sep 17 00:00:00 2001 From: Hasan Mahmood <6599778+hmahmood@users.noreply.github.com> Date: Tue, 17 Dec 2024 12:20:07 -0600 Subject: [PATCH] Add /sys/fs/bpf to system-probe container volumes (#1634) --- charts/datadog/CHANGELOG.md | 4 ++++ charts/datadog/Chart.yaml | 2 +- charts/datadog/README.md | 2 +- charts/datadog/templates/_container-system-probe.yaml | 6 ++++++ charts/datadog/templates/_daemonset-volumes-linux.yaml | 5 +++++ 5 files changed, 17 insertions(+), 2 deletions(-) diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index bfb699795..d9923af94 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.83.1 + +* Add /sys/fs/bpf to system-probe volume mounts + ## 3.83.0 * Added the configuration value `datadog.disablePasswdMount` to disable mounting the `/etc/passwd` path from the host filesystem. This option should be used when the underlying OS does not have these files (e.g., Talos OS). diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index 51ac9983d..6add375c6 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v1 name: datadog -version: 3.83.0 +version: 3.83.1 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index 8e5b1fb00..c4243577b 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.83.0](https://img.shields.io/badge/Version-3.83.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.83.1](https://img.shields.io/badge/Version-3.83.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). diff --git a/charts/datadog/templates/_container-system-probe.yaml b/charts/datadog/templates/_container-system-probe.yaml index cf77ed4db..d3935459e 100644 --- a/charts/datadog/templates/_container-system-probe.yaml +++ b/charts/datadog/templates/_container-system-probe.yaml @@ -43,6 +43,12 @@ mountPath: /sys/kernel/debug mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} readOnly: false # Need RW for kprobe_events +{{- if .Values.datadog.networkMonitoring.enabled }} + - name: bpffs + mountPath: /sys/fs/bpf + mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} + readOnly: true +{{- end }} - name: config mountPath: {{ template "datadog.confPath" . }} readOnly: true diff --git a/charts/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/templates/_daemonset-volumes-linux.yaml index 6b6cb50f0..4a2251f65 100644 --- a/charts/datadog/templates/_daemonset-volumes-linux.yaml +++ b/charts/datadog/templates/_daemonset-volumes-linux.yaml @@ -81,6 +81,11 @@ - hostPath: path: /sys/kernel/debug name: debugfs +{{- if .Values.datadog.networkMonitoring.enabled }} +- hostPath: + path: /sys/fs/bpf + name: bpffs +{{- end }} - name: sysprobe-socket-dir emptyDir: {} {{- if and (eq (include "runtime-compilation-enabled" .) "true") .Values.datadog.systemProbe.enableDefaultKernelHeadersPaths }}