Skip to content

Commit

Permalink
update limits, documentation, and Makefile version
Browse files Browse the repository at this point in the history
  • Loading branch information
@gpontejos
gpontejos committed Sep 24, 2024
1 parent f6f7be8 commit d343a0f
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 20 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= 1.1.0
VERSION ?= 1.3.0

# CHANNELS define the bundle channels used in the bundle.
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
Expand Down
6 changes: 3 additions & 3 deletions api/falcon/v1alpha1/falconadmission_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,15 +141,15 @@ type FalconAdmissionConfigSpec struct {
ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`

// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Client Resources",order=9,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:resourceRequirements"}
// +kubebuilder:default:={"limits":{"cpu":"750m","memory":"256Mi"},"requests":{"cpu":"500m","memory":"256Mi"}}
// +kubebuilder:default:={"limits":{"cpu":"750m","memory":"384Mi"},"requests":{"cpu":"500m","memory":"384Mi"}}
ResourcesClient *corev1.ResourceRequirements `json:"resourcesClient,omitempty"`

// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Watcher Resources",order=14,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:resourceRequirements"}
// +kubebuilder:default:={"limits":{"cpu":"750m","memory":"256Mi"},"requests":{"cpu":"500m","memory":"256Mi"}}
// +kubebuilder:default:={"limits":{"cpu":"750m","memory":"384Mi"},"requests":{"cpu":"500m","memory":"384Mi"}}
ResourcesWatcher *corev1.ResourceRequirements `json:"resourcesWatcher,omitempty"`

// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Resources",order=10,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:resourceRequirements"}
//+kubebuilder:default:={"limits":{"cpu":"300m","memory":"512Mi"},"requests":{"cpu":"300m","memory":"512Mi"}}
//+kubebuilder:default:={"limits":{"cpu":"300m","memory":"256Mi"},"requests":{"cpu":"300m","memory":"256Mi"}}
ResourcesAC *corev1.ResourceRequirements `json:"resources,omitempty"`

// Type of Deployment update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate.
Expand Down
12 changes: 6 additions & 6 deletions config/crd/bases/falcon.crowdstrike.com_falconadmissions.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,10 +114,10 @@ spec:
default:
limits:
cpu: 300m
memory: 512Mi
memory: 256Mi
requests:
cpu: 300m
memory: 512Mi
memory: 256Mi
description: ResourceRequirements describes the compute resource
requirements.
properties:
Expand Down Expand Up @@ -171,10 +171,10 @@ spec:
default:
limits:
cpu: 750m
memory: 256Mi
memory: 384Mi
requests:
cpu: 500m
memory: 256Mi
memory: 384Mi
description: ResourceRequirements describes the compute resource
requirements.
properties:
Expand Down Expand Up @@ -228,10 +228,10 @@ spec:
default:
limits:
cpu: 750m
memory: 256Mi
memory: 384Mi
requests:
cpu: 500m
memory: 256Mi
memory: 384Mi
description: ResourceRequirements describes the compute resource
requirements.
properties:
Expand Down
12 changes: 6 additions & 6 deletions deploy/falcon-operator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,10 @@ spec:
default:
limits:
cpu: 300m
memory: 512Mi
memory: 256Mi
requests:
cpu: 300m
memory: 512Mi
memory: 256Mi
description: ResourceRequirements describes the compute resource
requirements.
properties:
Expand Down Expand Up @@ -185,10 +185,10 @@ spec:
default:
limits:
cpu: 750m
memory: 256Mi
memory: 384Mi
requests:
cpu: 500m
memory: 256Mi
memory: 384Mi
description: ResourceRequirements describes the compute resource
requirements.
properties:
Expand Down Expand Up @@ -242,10 +242,10 @@ spec:
default:
limits:
cpu: 750m
memory: 256Mi
memory: 384Mi
requests:
cpu: 500m
memory: 256Mi
memory: 384Mi
description: ResourceRequirements describes the compute resource
requirements.
properties:
Expand Down
14 changes: 10 additions & 4 deletions docs/resources/admission/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,12 @@ spec:
```
### FalconAdmission Reference Manual
#### Falcon Operator Support for Falcon Admission Controller
| Falcon Operator Version | Falcon Admission Controller Version |
|:-----------------------------|:------------------------------------------|
| `<= 1.2.x` | `< 7.20.x` |
| `>= 1.3.x` | `>= 7.20.x` |

#### Falcon API Settings
| Spec | Description |
Expand Down Expand Up @@ -59,10 +65,10 @@ spec:
| admissionConfig.tls.validity | (optional) Configure the validity of the TLS certificate used by the Falcon Admission Controller |
| admissionConfig.failurePolicy | (optional) Configure the failure policy of the Falcon Admission Controller |
| admissionConfig.disabledNamespaces.namespaces | (optional) Configure the list of namespaces the Falcon Admission Controller validating webhook should ignore |
| admissionConfig.deployWatcher | (optional) Determines if falcon-watcher container is added to the Falcon Admission Controller Pod |
| admissionConfig.snapshotsEnabled | (optional) Determines if snapshots of Kubernetes resources are periodically taken for cluster visibility. |
| admissionConfig.snapshotsInterval | (optional) Time interval between two snapshots of Kubernetes resources in the cluster |
| admissionConfig.watcherEnabled | (optional) Determines if Kubernetes resources are watched for cluster visibility |
| admissionConfig.deployWatcher | (optional) Determines if the falcon-watcher container is added to the Falcon Admission Controller Pod |
| admissionConfig.snapshotsEnabled | (optional) Determines if snapshots of Kubernetes resources are periodically taken for cluster visibility in. Requires falcon-watcher container. |
| admissionConfig.snapshotsInterval | (optional) Time interval between two snapshots of Kubernetes resources in the cluster. Requires falcon-watcher container. |
| admissionConfig.watcherEnabled | (optional) Determines if Kubernetes resources are watched for cluster visibility. Requires falcon-watcher container. |
| admissionConfig.replicas | (optional) Currently ignored and internally set to 1 |
| admissionConfig.imagePullPolicy | (optional) Configure the image pull policy of the Falcon Admission Controller |
| admissionConfig.imagePullSecrets | (optional) Configure the image pull secrets of the Falcon Admission Controller |
Expand Down

0 comments on commit d343a0f

Please sign in to comment.