#Use this sysdig.yaml when Daemon Sets are NOT enabled on Kubernetes (minimum version 1.1.1). If Daemon Sets are available, use the other example sysdig.yaml - that is the recommended method. apiVersion: v1 kind: ReplicationController metadata: name: sysdig-agent labels: app: sysdig-agent spec: replicas: 100 #REQUIRED - replace with the maximum number of slave nodes in the cluster template: spec: volumes: - name: docker-sock hostPath: path: /var/run/docker.sock type: Socket - name: dev-vol hostPath: path: /dev - name: proc-vol hostPath: path: /proc - name: boot-vol hostPath: path: /boot - name: modules-vol hostPath: path: /lib/modules - name: usr-vol hostPath: path: /usr hostNetwork: true hostPID: true containers: - name: sysdig-agent image: sysdig/agent ports: - containerPort: 6666 hostPort: 6666 securityContext: privileged: true env: - name: ACCESS_KEY #REQUIRED - replace with your Sysdig Cloud access key value: 8312341g-5678-abcd-4a2b2c-33bcsd655 # - name: K8S_DELEGATED_NODE #OPTIONAL - only necessary when connecting remotely to API server # value: # - name: K8S_API_URI #OPTIONAL - only necessary when connecting remotely to API server # value: "http[s]://[username:passwd@]host[:port]" # - name: TAGS #OPTIONAL # value: linux:ubuntu,dept:dev,local:nyc # - name: COLLECTOR #OPTIONAL # value: 192.168.183.200 # - name: SECURE #OPTIONAL # value: false # - name: CHECK_CERTIFICATE #OPTIONAL # value: false # - name: ADDITIONAL_CONF #OPTIONAL # value: "app_checks:\n - name: nginx\n check_module: nginx\n pattern:\n comm: nginx\n conf:\n nginx_status_url: "http://localhost:{port}/nginx_status\"" volumeMounts: - mountPath: /host/var/run/docker.sock name: docker-sock readOnly: false - mountPath: /host/dev name: dev-vol readOnly: false - mountPath: /host/proc name: proc-vol readOnly: true - mountPath: /host/boot name: boot-vol readOnly: true - mountPath: /host/lib/modules name: modules-vol readOnly: true - mountPath: /host/usr name: usr-vol readOnly: true