Skip to content

Commit 0f8db3c

Browse files
prmerger-automator[bot]prmerger-automator[bot]
authored
Merge pull request #224025 from nawolfin/patch-1
Update Defender profile resource limits
2 parents 4405e67 + c1c7c86 commit 0f8db3c

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

articles/defender-for-cloud/defender-for-containers-architecture.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,11 +49,11 @@ The **Azure Policy add-on for Kubernetes** collects cluster and workload configu
4949

5050
| Pod Name | Namespace | Kind | Short Description | Capabilities | Resource limits | Egress Required |
5151
|--|--|--|--|--|--|--|
52-
| microsoft-defender-collector-ds-* | kube-system | [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/) | A set of containers that focus on collecting inventory and security events from the Kubernetes environment. | SYS_ADMIN, <br>SYS_RESOURCE, <br>SYS_PTRACE | memory: 64Mi<br> <br> cpu: 60m | No |
52+
| microsoft-defender-collector-ds-* | kube-system | [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/) | A set of containers that focus on collecting inventory and security events from the Kubernetes environment. | SYS_ADMIN, <br>SYS_RESOURCE, <br>SYS_PTRACE | memory: 296Mi<br> <br> cpu: 360m | No |
5353
| microsoft-defender-collector-misc-* | kube-system | [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) | A set of containers that focus on collecting inventory and security events from the Kubernetes environment that aren't bounded to a specific node. | N/A | memory: 64Mi <br> <br>cpu: 60m | No |
5454
| microsoft-defender-publisher-ds-* | kube-system | [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/) | Publish the collected data to Microsoft Defender for Containers backend service where the data will be processed for and analyzed. | N/A | memory: 200Mi  <br> <br> cpu: 60m | Https 443 <br> <br> Learn more about the [outbound access prerequisites](../aks/limit-egress-traffic.md#microsoft-defender-for-containers) |
5555

56-
\* resource limits aren't configurable
56+
\* Resource limits aren't configurable; Learn more about [Kubernetes resources limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#resource-units-in-kubernetes)
5757

5858
## [**On-premises / IaaS (Arc)**](#tab/defender-for-container-arch-arc)
5959

0 commit comments

Comments
 (0)