#Use this sysdig.yaml when Daemon Sets are enabled on Kubernetes (minimum version 1.1.1). Otherwise use the RC method. apiVersion: extensions/v1beta1 kind: DaemonSet metadata: name: sysdig-agent labels: app: sysdig-agent spec: template: metadata: labels: name: sysdig-agent spec: volumes: - name: docker-sock hostPath: path: /var/run/docker.sock type: Socket - name: dev-vol hostPath: path: /dev - name: proc-vol hostPath: path: /proc - name: boot-vol hostPath: path: /boot - name: modules-vol hostPath: path: /lib/modules - name: usr-vol hostPath: path: /usr hostNetwork: true hostPID: true containers: - name: sysdig-agent image: sysdig/agent securityContext: privileged: true env: - name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key value: 8312341g-5678-abcd-4a2b2c-33bcsd655 # - name: TAGS #OPTIONAL # value: linux:ubuntu,dept:dev,local:nyc # - name: COLLECTOR #OPTIONAL - on-prem install only # value: 192.168.183.200 # - name: SECURE #OPTIONAL - on-prem install only # value: false # - name: CHECK_CERTIFICATE #OPTIONAL - on-prem install only # value: false # - name: ADDITIONAL_CONF #OPTIONAL pass additional parameters to the agent such as authentication example provided here # value: "k8s_uri: https://myacct:mypass@localhost:4430\nk8s_ca_certificate: k8s-ca.crt\nk8s_ssl_verify_certificate: true" volumeMounts: - mountPath: /host/var/run/docker.sock name: docker-sock readOnly: false - mountPath: /host/dev name: dev-vol readOnly: false - mountPath: /host/proc name: proc-vol readOnly: true - mountPath: /host/boot name: boot-vol readOnly: true - mountPath: /host/lib/modules name: modules-vol readOnly: true - mountPath: /host/usr name: usr-vol readOnly: true