hadi2f244 · October 4, 2023 09:37
diff --git a/kubeshark b/kubeshark
 ```
 # start kubeshark on port 0.0.0.0:8899 for all namespaces and decrypt tls connection
 sudo kubeshark tap  --docker-registry nexus.hadiazad.local/kubeshark --proxy-host 0.0.0.0 --ignoretainted  --tls
 # Delete kubeshark deployments
 sudo kubeshark clean
 ```

 You can also change kubeshark config : 
 ```
 # create config file :
 sudo kubeshark config -r 
 # edit it 
 sudo vim /root/.kubeshark/config.yaml
 # Now you can just simply run kubeshark
 sudo kubeshark tap
 ```

 # Note: for air-gapped env you can use following config. Also, open 8899,8898,8897 on masters and workers on undelay firewall.

 # Custom config (include custom helm repo and regsitry)
 ```
 tap:
  docker:
    registry: nexus.hadiazad.local/kubeshark
    tag: latest
    imagepullpolicy: Always
    imagepullsecrets: []
  proxy:
    worker:
      srvport: 8897
    hub:
      port: 8898
      srvport: 8898
    front:
      port: 8899
    host: 0.0.0.0
  regex: .*
  namespaces: []
  release:
    repo: https://nexus.hadiazad.local/repository/helm.kubeshark.co
    name: kubeshark
    namespace: default
  persistentstorage: false
  storagelimit: 200Mi
  storageclass: standard
  dryrun: false
  pcap: ""
  resources:
    worker:
      limits:
        cpu: 750m
        memory: 1Gi
      requests:
        cpu: 50m
        memory: 50Mi
    hub:
      limits:
        cpu: 750m
        memory: 1Gi
      requests:
        cpu: 50m
        memory: 50Mi
  servicemesh: true
  tls: true
  packetcapture: libpcap
  ignoretainted: false
  labels: {}
  annotations: {}
  nodeselectorterms:
  - matchExpressions:
    - key: kubernetes.io/os
      operator: In
      values:
      - linux
  auth:
    enabled: false
    approvedemails: []
    approveddomains: []
  ingress:
    enabled: false
    classname: ""
    host: ks.svc.cluster.local
    tls: []
    annotations: {}
  ipv6: true
  debug: false
  telemetry:
    enabled: true
 logs:
  file: ""
 kube:
  configpath: ""
  context: ""
 dumplogs: false
 headless: true
 license: ""
 scripting:
  env: {}
  source: ""
  watchscripts: true
 ```
	```
	# start kubeshark on port 0.0.0.0:8899 for all namespaces and decrypt tls connection
	sudo kubeshark tap --docker-registry nexus.hadiazad.local/kubeshark --proxy-host 0.0.0.0 --ignoretainted --tls
	# Delete kubeshark deployments
	sudo kubeshark clean
	```

	You can also change kubeshark config :
	```
	# create config file :
	sudo kubeshark config -r
	# edit it
	sudo vim /root/.kubeshark/config.yaml
	# Now you can just simply run kubeshark
	sudo kubeshark tap
	```

	# Note: for air-gapped env you can use following config. Also, open 8899,8898,8897 on masters and workers on undelay firewall.

	# Custom config (include custom helm repo and regsitry)
	```
	tap:
	docker:
	registry: nexus.hadiazad.local/kubeshark
	tag: latest
	imagepullpolicy: Always
	imagepullsecrets: []
	proxy:
	worker:
	srvport: 8897
	hub:
	port: 8898
	srvport: 8898
	front:
	port: 8899
	host: 0.0.0.0
	regex: .*
	namespaces: []
	release:
	repo: https://nexus.hadiazad.local/repository/helm.kubeshark.co
	name: kubeshark
	namespace: default
	persistentstorage: false
	storagelimit: 200Mi
	storageclass: standard
	dryrun: false
	pcap: ""
	resources:
	worker:
	limits:
	cpu: 750m
	memory: 1Gi
	requests:
	cpu: 50m
	memory: 50Mi
	hub:
	limits:
	cpu: 750m
	memory: 1Gi
	requests:
	cpu: 50m
	memory: 50Mi
	servicemesh: true
	tls: true
	packetcapture: libpcap
	ignoretainted: false
	labels: {}
	annotations: {}
	nodeselectorterms:
	- matchExpressions:
	- key: kubernetes.io/os
	operator: In
	values:
	- linux
	auth:
	enabled: false
	approvedemails: []
	approveddomains: []
	ingress:
	enabled: false
	classname: ""
	host: ks.svc.cluster.local
	tls: []
	annotations: {}
	ipv6: true
	debug: false
	telemetry:
	enabled: true
	logs:
	file: ""
	kube:
	configpath: ""
	context: ""
	dumplogs: false
	headless: true
	license: ""
	scripting:
	env: {}
	source: ""
	watchscripts: true
	```