-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathbpf-scaffold.sh
executable file
·25 lines (21 loc) · 1.27 KB
/
bpf-scaffold.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#!/bin/zsh
docker exec -it k3d-foo-agent-0 mount bpffs /sys/fs/bpf -t bpf
docker exec -it k3d-foo-agent-0 mount --make-shared /sys/fs/bpf
# this needs to be done for every container (every agent and every server)
docker exec -it k3d-foo-server-0 mount bpffs /sys/fs/bpf -t bpf
docker exec -it k3d-foo-server-0 mount --make-shared /sys/fs/bpf
# bugged for cilium and needed to fix for falco
# TODO: still not working but 1.10.5 bypasses
docker exec -it k3d-foo-agent-0 mount cgroupfs-mount /sys/fs/cgroup -t cgroup
docker exec -it k3d-foo-agent-0 mount --make-shared /sys/fs/cgroup
docker exec -it k3d-foo-server-0 mount cgroupfs-mount /sys/fs/cgroup -t cgroup
docker exec -it k3d-foo-server-0 mount --make-shared /sys/fs/cgroup
# K3d is busybox so no package manager and wget doesn't support https public endpoints
# need falco's driver, k3s/k3d overrides the distro name to PRETTY_NAME="K3s dev"
# for falco
docker exec -it k3d-foo-agent-0 mkdir -p /host/dev/falco0
docker exec -it k3d-foo-agent-0 mount falco /host/dev/falco0 -t bpf
docker exec -it k3d-foo-agent-0 mount --make-shared /host/dev/falco0
docker exec -it k3d-foo-server-0 mkdir -p /host/dev/falco0
docker exec -it k3d-foo-server-0 mount falco /host/dev/falco0 -t bpf
docker exec -it k3d-foo-server-0 mount --make-shared /host/dev/falco0