type
status
date
slug
summary
tags
category
password
1:Eraser 介绍
2:Eraser 安装
3:Eraser 架构
4:Eraser 实战
Option | Description | Default |
manager.runtime | The runtime to use for the manager's containers. Must be one of containerd, crio, or dockershim. It is assumed that your nodes are all using the same runtime, and there is currently no way to configure multiple runtimes. | containerd |
manager.otlpEndpoint | The endpoint to send OpenTelemetry data to. If empty, data will not be sent. | "" |
manager.logLevel | The log level for the manager's containers. Must be one of debug, info, warn, error, dpanic, panic, or fatal. | info |
manager.scheduling.repeatInterval | Use only when collector ando/or scanner are enabled. This is like a cron job, and will spawn an ImageJob at the interval provided. | 24h |
manager.scheduling.beginImmediately | If set to true, the fist ImageJob will run immediately. If false, the job will not be spawned until after the interval (above) has elapsed. | true |
manager.profile.enabled | Whether to enable profiling for the manager's containers. This is for debugging with go tool pprof. | false |
manager.profile.port | The port on which to expose the profiling endpoint. | 6060 |
manager.imageJob.successRatio | The ratio of successful image jobs required before a cleanup is performed. | 1.0 |
manager.imageJob.cleanup.delayOnSuccess | The amount of time to wait after a successful image job before performing cleanup. | 0s |
manager.imageJob.cleanup.delayOnFailure | The amount of time to wait after a failed image job before performing cleanup. | 24h |
manager.pullSecrets | The image pull secrets to use for collector, scanner, and remover containers. | [] |
manager.priorityClassName | The priority class to use for collector, scanner, and remover containers. | "" |
manager.nodeFilter.type | The type of node filter to use. Must be either "exclude" or "include". | exclude |
manager.nodeFilter.selectors | A list of selectors used to filter nodes. | [] |
components.collector.enabled | Whether to enable the collector component. | true |
components.collector.image.repo | The repository containing the collector image. | ghcr.io/eraser-dev/collector |
components.collector.image.tag | The tag of the collector image. | v1.0.0 |
components.collector.request.mem | The amount of memory to request for the collector container. | 25Mi |
components.collector.request.cpu | The amount of CPU to request for the collector container. | 7m |
components.collector.limit.mem | The maximum amount of memory the collector container is allowed to use. | 500Mi |
components.collector.limit.cpu | The maximum amount of CPU the collector container is allowed to use. | 0 |
components.scanner.enabled | Whether to enable the scanner component. | true |
components.scanner.image.repo | The repository containing the scanner image. | ghcr.io/eraser-dev/eraser-trivy-scanner |
components.scanner.image.tag | The tag of the scanner image. | v1.0.0 |
components.scanner.request.mem | The amount of memory to request for the scanner container. | 500Mi |
components.scanner.request.cpu | The amount of CPU to request for the scanner container. | 1000m |
components.scanner.limit.mem | The maximum amount of memory the scanner container is allowed to use. | 2Gi |
components.scanner.limit.cpu | The maximum amount of CPU the scanner container is allowed to use. | 0 |
components.scanner.config | The configuration to pass to the scanner container, as a YAML string. | See YAML below |
components.remover.image.repo | The repository containing the remover image. | ghcr.io/eraser-dev/remover |
components.remover.image.tag | The tag of the remover image. | v1.0.0 |
components.remover.request.mem | The amount of memory to request for the remover container. | 25Mi |
components.remover.request.cpu | The amount of CPU to request for the remover container. | 0 |
- 作者:Gitlayzer
- 链接:https://www.devops-engineer.com.cn/article/eraser_notes
- 声明:本文采用 CC BY-NC-SA 4.0 许可协议,转载请注明出处。
