Add support to monitoring agent to enable eBPF (Extended Berkeley Packet Filter) #132
Description
When attempting to deploy the agents to cluster nodes on RH CoreOS that have no public gateways enabled (and/or have outbound traffic disabled), the pods fail to come up with the error:
Download of sysdigcloud-probe for version 13.9.2 failed.
curl: (28) Failed to connect to download.sysdig.com port 443: Connection timed out
Cannot load the probe
This happens because the agent tries to connect to the kernel and for that it needs a kernel module (default behaviour):
- If not available in the machine already, it tries to build it with the kernel headers
- if kernel headers not available, it tries to download it
To fix this, we need the ability to set the helm values agent.ebpf.enabled and agent.ebpf.kind by exposing a new terraform boolean input variable called universal_ebpf (same way we did here).
It is important that the variable description mentions it requires kernel version 5.8+
We should also now ensure that there is at least 1 test that tests using RHCOS on nodes with no public access in this repo.
Ensure to expose in DA too.