From 738896b356c4c246f307aa2e1fdfdf2838f494f8 Mon Sep 17 00:00:00 2001
From: Adrien Reslinger
Date: Sat, 5 Jun 2021 10:51:19 +0200
Subject: [PATCH] Update for falco
---
 tasks/cluster_kubeadm.yml | 1 +
 templates/etc/kubernetes/audit-webhook-kubeconfig.j2 | 6 +++---
 templates/kubeadm-config.yaml.j2 | 2 +-
 3 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/tasks/cluster_kubeadm.yml b/tasks/cluster_kubeadm.yml
index 74f6ec2..a6fbc51 100644
--- a/tasks/cluster_kubeadm.yml
+++ b/tasks/cluster_kubeadm.yml
@@ -136,6 +136,7 @@
 mode: 0644
 with_items:
 - "systemd/system/kubelet.service.d/0-kubelet-extra-args.conf"
+ - "systemd/system/kubelet.service.d/11-cgroups.conf"
 - "sysconfig/kubelet"
 when:
 - ansible_service_mgr == "systemd"
diff --git a/templates/etc/kubernetes/audit-webhook-kubeconfig.j2 b/templates/etc/kubernetes/audit-webhook-kubeconfig.j2
index 7cc1cb4..781d08c 100644
--- a/templates/etc/kubernetes/audit-webhook-kubeconfig.j2
+++ b/templates/etc/kubernetes/audit-webhook-kubeconfig.j2
@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: Config
 clusters:
-- cluster:
- server: http://:8765/k8s_audit
- name: falco
+- name: falco
+ cluster:
+ server: http://$FALCO_SERVICE_CLUSTERIP:8765/k8s-audit
 contexts:
 - context:
 cluster: falco
diff --git a/templates/kubeadm-config.yaml.j2 b/templates/kubeadm-config.yaml.j2
index 8395875..905d188 100644
--- a/templates/kubeadm-config.yaml.j2
+++ b/templates/kubeadm-config.yaml.j2
@@ -69,8 +69,8 @@ apiServer:
 audit-log-maxsize: "100"
 {% if false %}
 # Falco
- audit-policy-file: "/etc/kubernetes/policies/k8s_audit_rules.yaml"
 audit-webhook-config-file: "/etc/kubernetes/policies/audit-webhook-kubeconfig"
+ audit-webhook-batch-max-wait: "5s"
 {% endif %}
 extraVolumes:
 - name: "audit-log"
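Review bot: The new `11-cgroups.conf` entry in the `with_items` list of tasks/cluster_kubeadm.yml names a kubelet drop-in whose source file is not among the three files in this commit's diffstat, so unless it already exists in the role the task would presumably fail to find it. The task's module line and source path are above the hunk and cannot be checked from here. The entry also has no visible connection to the Falco change in the subject line; a short comment above it stating what the drop-in sets and why it must sort after `0-kubelet-extra-args.conf` would help the next reader.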
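Review bot: In templates/etc/kubernetes/audit-webhook-kubeconfig.j2 the new `server:` value contains `$FALCO_SERVICE_CLUSTERIP`, which is shell-style and is not expanded by Jinja2, so unless a later step substitutes it the API server is handed a kubeconfig with a literal, unresolvable host and the audit webhook cannot reach Falco. Render it from a role variable instead, e.g. `server: http://{{ FALCO_CLUSTERIP_VAR }}:8765/k8s-audit` (placeholder variable name). The endpoint is also plain `http://`, so audit events, which can carry request bodies depending on the policy level, cross the cluster network unencrypted and the receiver is not authenticated. If the receiver can serve TLS, use `https://` and add `certificate-authority:` under `cluster:`.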
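Review bot: In templates/kubeadm-config.yaml.j2 the Falco arguments still sit inside `{% if false %}`, so neither `audit-webhook-config-file` nor the new `audit-webhook-batch-max-wait` is ever rendered and the API server sends nothing to Falco. Gate the block on a role variable, e.g. `{% if FALCO_AUDIT_ENABLED_VAR | default(false) %}` (placeholder variable name), so enabling it is a configuration choice rather than a template edit. Once enabled, the webhook backend only emits events when `audit-policy-file` is set, so confirm that key is still present in the arguments above the hunk after this removal. Also confirm that `/etc/kubernetes/policies/` is where the kubeconfig template (kept under `templates/etc/kubernetes/`) is deployed, and that it is mounted through `extraVolumes`, which continues past the hunk.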