295 lines
9.3 KiB
YAML
295 lines
9.3 KiB
YAML
questions:
|
|
- variable: node.enabled
|
|
description: "Deploy the Falcon Sensor to the Kubernetes nodes"
|
|
required: true
|
|
type: boolean
|
|
default: true
|
|
label: Deploy daemonset to nodes
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.daemonset.updateStrategy
|
|
description: "Update strategy to role out new daemonset configuration to the nodes."
|
|
required: false
|
|
type: enum
|
|
options:
|
|
- RollingUpdate
|
|
- OnDelete
|
|
label: Container Image Repository
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.daemonset.maxUnavailable
|
|
description: "Sets the max unavailable nodes. Default is 1 when no value exists."
|
|
required: false
|
|
type: int
|
|
default: 1
|
|
label: Max number of unavailable nodes
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.image.repository
|
|
description: "URL of container image repository holding containerized Falcon sensor. Defaults to 'falcon-node-sensor'."
|
|
required: true
|
|
type: string
|
|
default: falcon-node-sensor
|
|
label: Image Repository
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.image.tag
|
|
description: "Container registry image tag. Defaults to 'latest'."
|
|
required: true
|
|
type: string
|
|
default: "latest"
|
|
label: Image Tag
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.image.pullPolicy
|
|
description: "The default image pullPolicy. Defaults to 'Always'."
|
|
required: false
|
|
type: enum
|
|
options:
|
|
- IfNotPresent
|
|
- Always
|
|
- Never
|
|
default: Always
|
|
label: Image pullPolicy
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.image.pullSecrets
|
|
description: "Name of the pull secret to pull the container image. Conflicts with node.image.registryConfigJSON"
|
|
required: false
|
|
type: string
|
|
label: Pull Secret Name
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: node.image.registryConfigJSON
|
|
description: "Value must be base64. This setting conflicts with node.image.pullSecrets. The base64 encoded string of the docker config json for the pull secret can be gotten through `$ cat ~/.docker/config.json | base64 -`"
|
|
required: false
|
|
type: string
|
|
label: Pull Secret as a base64 string
|
|
group: "Falcon Node settings"
|
|
|
|
- variable: container.enabled
|
|
description: "Deploy the Falcon Sensor to the Kubernetes pods as a sidecar"
|
|
required: true
|
|
type: boolean
|
|
default: false
|
|
label: Deploy sidecar sensor to pods
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.repository
|
|
description: "URL of container image repository holding containerized Falcon sensor. Defaults to 'falcon-sensor'."
|
|
required: true
|
|
type: string
|
|
default: falcon-sensor
|
|
label: Image Repository
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.tag
|
|
description: "Container registry image tag. Defaults to 'latest'."
|
|
required: true
|
|
type: string
|
|
default: "latest"
|
|
label: Image Tag
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.pullPolicy
|
|
description: "The default image pullPolicy. Defaults to 'Always'."
|
|
required: false
|
|
type: enum
|
|
options:
|
|
- IfNotPresent
|
|
- Always
|
|
- Never
|
|
default: Always
|
|
label: Image pullPolicy
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.pullSecrets.enable
|
|
description: "Enable pullSecrets to get container from registry that requires authentication."
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
label: Enable pullSecrets
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.pullSecrets.namespaces
|
|
description: "Configure the list of namespaces that should have access to pull the Falcon sensor from a registry that requires authentication. This is a comma separated."
|
|
required: false
|
|
type: string
|
|
show_if: "container.image.pullSecrets.enable=true"
|
|
label: List of Namespaces for pullSecret
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.pullSecrets.allNamespaces
|
|
description: "Attempt to create the Falcon sensor pull secret in all Namespaces instead of using 'container.image.pullSecrets.namespaces'"
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
show_if: "container.image.pullSecrets.enable=true"
|
|
label: Create pullSecret in all Namespaces
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.image.pullSecrets.registryConfigJSON
|
|
description: "Value must be base64. The base64 encoded string of the docker config json for the pull secret can be gotten through `$ cat ~/.docker/config.json | base64 -`"
|
|
required: false
|
|
type: string
|
|
show_if: "container.image.pullSecrets.enable=true"
|
|
label: Pull Secret as a base64 string
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.autoCertificateUpdate
|
|
description: "Auto-update the certificates every time there is an update"
|
|
required: false
|
|
type: boolean
|
|
default: true
|
|
label: Auto-update certificates
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.autoDeploymentUpdate
|
|
description: "Update Webhook and roll out new Deployment on upgrade"
|
|
required: false
|
|
type: boolean
|
|
default: true
|
|
label: Update the webhook on upgrade
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.azure.enabled
|
|
description: "Enable for AKS without the pulltoken option"
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
label: Configure AKS registry configuration
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.azure.AzureConfig
|
|
description: "Path to the Kubernetes Azure config file on worker nodes"
|
|
required: false
|
|
type: string
|
|
default: "/etc/kubernetes/azure.json"
|
|
show_if: "container.azure.enabled=true"
|
|
label: Deploy sidecar sensor to pods
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.disableNSInjection
|
|
description: "Disable injection for all Namespaces"
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
label: Disable Namespace injection
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.disablePodInjection
|
|
description: "Disable injection for all Pods"
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
label: Disable Pod injection
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.certExpiration
|
|
description: "Certificate validity duration in number of days"
|
|
required: false
|
|
type: int
|
|
default: 3650
|
|
label: Certificate validity
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.injectorPort
|
|
description: "Configure the Injector Port"
|
|
required: false
|
|
type: int
|
|
default: 4433
|
|
label: Injector Port
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: container.domainName
|
|
description: "For custom DNS configurations when .svc requires a domain for services"
|
|
required: false
|
|
type: string
|
|
label: Custom DNS domain name for webhook
|
|
group: "Falcon Container settings"
|
|
|
|
- variable: falcon.cid
|
|
description: "Configure your CrowdStrike Customer ID (CID)"
|
|
required: true
|
|
type: string
|
|
label: CrowdStrike Customer ID (CID)
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.apd
|
|
description: "App Proxy Disable (APD). Disables the Falcon sensor from using a proxy."
|
|
required: false
|
|
type: boolean
|
|
default: true
|
|
label: Enable using a proxy
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.aph
|
|
description: "App Proxy Hostname (APH). Uncommon in container-based deployments."
|
|
required: false
|
|
type: string
|
|
show_if: "falcon.apd=false"
|
|
label: Configure Proxy Host
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.app
|
|
description: "App Proxy Port (APP). Uncommon in container-based deployments."
|
|
required: false
|
|
type: string
|
|
show_if: "falcon.apd=false"
|
|
label: Configure Proxy Port
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.trace
|
|
description: "Options are [none|err|warn|info|debug]."
|
|
required: false
|
|
type: enum
|
|
options:
|
|
- none
|
|
- err
|
|
- warn
|
|
- info
|
|
- debug
|
|
label: Set logging trace level
|
|
default: none
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.feature
|
|
description: "Options to pass to the \"--feature\" flag. Options are [none,[enableLog[,disableLogBuffer[,disableOsfm[,emulateUpdate]]]]]"
|
|
required: false
|
|
type: string
|
|
label: Enable or disable certain sensor features
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.message_log
|
|
description: "Enable message log (true/false)"
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
label: Enable logging
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.billing
|
|
description: "Utilize default or metered billing. Should only be configured when needing to switch between the two."
|
|
required: false
|
|
type: enum
|
|
options:
|
|
- default
|
|
- metered
|
|
default: default
|
|
label: Configure Billing
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.tags
|
|
description: "Comma separated list of tags for sensor grouping. Allowed characters: all alphanumerics, '/', '-', '_', and ','."
|
|
required: false
|
|
type: string
|
|
label: Configure tags for sensor grouping
|
|
group: "Falcon Sensor Settings"
|
|
|
|
- variable: falcon.provisioning_token
|
|
description: "Used to protect the CID. Provisioning token value."
|
|
required: false
|
|
type: string
|
|
label: Set a provisioning installation token
|
|
group: "Falcon Sensor Settings"
|