From 4d4ecb13d6048f68728958caab7ec2b7d6a2b198 Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Fri, 2 Jan 2026 19:17:53 +0900
Subject: [PATCH] FIX(falco): add NoExecute tolerations

- and enable Redis persistence
- Add NoExecute tolerations for master/control-plane nodes to run Falco
  DaemonSet on all nodes
- Enable Redis storage to persist index data across pod restarts
---
 falco/helm-values.yaml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/falco/helm-values.yaml b/falco/helm-values.yaml
index 7035ed5..e9ed2e8 100644
--- a/falco/helm-values.yaml
+++ b/falco/helm-values.yaml
@@ -142,7 +142,7 @@ falcosidekick:
         memory: 512Mi
 
     redis:
-      storageEnabled: false
+      storageEnabled: true
       resources:
         requests:
           cpu: 10m
@@ -172,8 +172,12 @@ nodeSelector: {}
 tolerations:
   - effect: NoSchedule
     key: node-role.kubernetes.io/master
+  - effect: NoExecute
+    key: node-role.kubernetes.io/master
   - effect: NoSchedule
     key: node-role.kubernetes.io/control-plane
+  - effect: NoExecute
+    key: node-role.kubernetes.io/control-plane
 
 # Run as DaemonSet on all nodes
 daemonset: