segfault if kubearmor is not running and DE is started
nyrahul opened this issue · 0 comments
nyrahul commented
Scenario: DE is started with KubeArmor enabled but KubeArmor is not installed. In this case, the DE goes into CrashLoopBackOff.
8:05PM INF usr/src/knox/src/libs/common.go:76 > BUILD-INFO: commit:ce80984, branch: dev, date: 2023-03-29T03:25:50Z, version: 0.1
8:05PM INF usr/src/knox/src/main.go:33 > NETWORK-POLICY: {OperationMode:1 OperationTrigger:5 CronJobTimeInterval:@every 0h0m10s OneTimeJobTimeSelection: NetworkLogLimit:10000 NetworkLogFrom:
kubearmor NetworkLogFile: NetworkPolicyTo:db NetworkPolicyDir:./ NsFilter:[] NsNotFilter:[kube-system] NetPolicyTypes:3 NetPolicyRuleTypes:1023 NetPolicyCIDRBits:32 NetLogFilters:[] NetPolic
yL3Level:1 NetPolicyL4Level:1 NetPolicyL7Level:1 NetSkipCertVerification:true}
8:05PM INF usr/src/knox/src/main.go:34 > CILIUM: {HubbleURL:hubble-relay.kube-system.svc.cluster.local HubblePort:80}
8:05PM INF usr/src/knox/src/main.go:35 > SYSTEM-POLICY: {OperationMode:1 OperationTrigger:5 CronJobTimeInterval:@every 0h0m10s OneTimeJobTimeSelection: SystemLogLimit:10000 SystemLogFrom:kub
earmor SystemLogFile: SystemPolicyTo:db SystemPolicyDir:./ SysPolicyTypes:7 DeprecateOldMode:true SystemLogFilters:[] NsFilter:[] NsNotFilter:[kube-system] FromSourceFilter:[knoxAutoPolicy]
ProcessFromSource:true FileFromSource:true}
8:05PM INF usr/src/knox/src/main.go:36 > KUBEARMOR: {KubeArmorRelayURL:kubearmor.kube-system.svc.cluster.local KubeArmorRelayPort:32767}
8:05PM INF usr/src/knox/src/networkpolicy/networkPolicy.go:2362 > Auto network policy discovery cron job started
8:05PM INF usr/src/knox/src/systempolicy/systemPolicy.go:1492 > Auto system policy discovery cron job started
8:05PM INF️️️ ️usr/src/knox/src/observability/observability.go:79 > Observability cron job started
8:05PM INF usr/src/knox/src/observability/observability.go:97 > Publisher cron job started
8:05PM INF usr/src/knox/src/recommendpolicy/recommendPolicy.go:73 > Recommended policy cron job started
panic: runtime error: index out of range [0] with length 0
goroutine 34 [running]:
github.com/accuknox/auto-policy-discovery/src/cluster.GetKubearmorRelayURL()
/usr/src/knox/src/cluster/k8sClientHandler.go:497 +0x185
github.com/accuknox/auto-policy-discovery/src/systempolicy.StartSystemLogRcvr()
/usr/src/knox/src/systempolicy/systemPolicy.go:1466 +0x53
created by github.com/accuknox/auto-policy-discovery/src/systempolicy.StartSystemCronJob
/usr/src/knox/src/systempolicy/systemPolicy.go:1481 +0x25