k3d dev script: add volumes to support twistlock defenders

General MR

Summary

Changes:

• Splits up the default args for k3d to improve readability + add comments on each option.
• Adds/modifies volumes to support Twistlock defenders - volumes will always be mounted to the k3d nodes but only used if defenders are deployed.
• Adds new SSH arg -o IdentitiesOnly=yes to ensure that only the identity passed in is used, preventing potential SSH errors

docs/assets/scripts/developer/k3d-dev.sh

@@ -115,7 +115,7 @@ while [ -n "$1" ]; do # while loop starts
       echo " -b   use BIG M5 instance. Default is t3.2xlarge"
       echo " -p   use private IP for security group and k3d cluster"
       echo " -m   create k3d cluster with metalLB"
-	  echo " -d   destroy related AWS resources"
+      echo " -d   destroy related AWS resources"
       echo " -h   output help"
       exit 0
   ;;
@@ -384,8 +384,15 @@ echo
 
 echo "creating k3d cluster"
 
-# Shared settings across all options
-k3d_command="k3d cluster create --servers 1  --agents 3 --volume /etc/machine-id:/etc/machine-id@server:*\;agent:* --k3s-arg \"--disable=traefik@server:0\"  --k3s-arg \"--disable=metrics-server@server:0\" --port 80:80@loadbalancer --port 443:443@loadbalancer --api-port 6443"
+# Shared k3d settings across all options
+# 1 server, 3 agents
+k3d_command="k3d cluster create --servers 1  --agents 3"
+# Volumes to support Twistlock defenders
+k3d_command+=" -v /etc:/etc@server:*\;agent:* -v /dev/log:/dev/log@server:*\;agent:* -v /run/systemd/private:/run/systemd/private@server:*\;agent:*"
+# Disable traefik and metrics-server
+k3d_command+=" --k3s-arg \"--disable=traefik@server:0\"  --k3s-arg \"--disable=metrics-server@server:0\""
+# Port mappings to support Istio ingress + API access
+k3d_command+=" --port 80:80@loadbalancer --port 443:443@loadbalancer --api-port 6443"
 
 # Add MetalLB specific k3d config
 if [[ "$METAL_LB" == true ]]; then