forked from inspektor-gadget/inspektor-gadget
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pod-ig.yaml
40 lines (40 loc) · 1.03 KB
/
pod-ig.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# This manifest is a template for running the ig binary inside a pod. For simplicity, we use a
# privileged pod, but you can use a more restrictive setup. Check
# charts/gadget/templates/daemonset.yaml that is our source of true for the security configuration
# needed by Inspektor Gadget.
apiVersion: v1
kind: Pod
metadata:
name: ig
labels:
k8s-app: example-ig
spec:
containers:
- name: ig
image: ghcr.io/inspektor-gadget/ig:latest
securityContext:
# CHANGEME: see comment at the top of this file
privileged: true
command:
# CHANGEME: run the gadget of your choice
- "ig"
- "trace"
- "exec"
- "--host"
env:
- name: HOST_ROOT
value: "/host"
volumeMounts:
- mountPath: /host
name: host
- mountPath: /run
name: run
# CHANGEME: where do you want to run this pod?
nodeName: minikube-containerd
volumes:
- name: host
hostPath:
path: /
- name: run
hostPath:
path: /run