Skip to content

Installing Agents

The following agents to get started:

Shared Informer Agent

Installation Guide

This agent authenticates with your cluster and collects information regarding entities like nodes,pods,namespaces

Command to create a namespace

kubectl create namespace <namespace-name>

Commands to create cluster role

kubectl create clusterrole <cluster-role-name> 

YAML to create service account

Note: Service Account Name and Namespace should be the same while creating role binding.

apiVersion: v1
kind: ServiceAccount
  name: accuknox-agents
  namespace: accuknox-agents
- name: accuknox-agent-secrets

Apply Yaml

kubectl apply -f <yaml-file-name> -n <namespace>

Create cluster role binding

kubectl create clusterrolebinding <cluster-rolebinding-name> 

Command for installing shared-informer-agent

kubectl apply -f -n <namespace-name>

Apply yaml file

kubectl apply -f <name-of-yaml-file>


Installation Guide

This agent is used to apply network policies

For managed environment (GKE):

Command to Extract the Cluster CIDR to enable native-routing

NATIVE_CIDR=$(gcloud container clusters describe $CLUSTER_NAME --zone $CLUSTER_ZONE --format 'value(clusterIpv4Cidr)')
Setup Helm repository

helm repo add cilium

Deploy Cilium release via Helm

helm install cilium cilium/cilium --version 1.9.8 \ 
--namespace kube-system \ 
--set nodeinit.enabled=true \ 
--set nodeinit.reconfigureKubelet=true \ 
--set nodeinit.removeCbrBridge=true \ 
--set cni.binPath=/home/kubernetes/bin \ 
--set gke.enabled=true \ 
--set ipam.mode=kubernetes \ 
--set nativeRoutingCIDR=$NATIVE_CIDR


Installation Guide

Trains a model based on container workload type. It constantly monitors the syscalls happening inside the container. After training, if the vae sees syscalls happening in a way not seen in training phase, it will send high reconstruction error with detailed forensics information.

Deploy KubeArmor for GKE

kubectl apply -f```

Deploy KubeArmor Host Policy

kubectl apply -f

Deploy KubeArmor Policy

kubectl apply -f ```

Feeder Service

Installation Guide

Feeder service deployment that collects feeds from Kubearmor and Cilium

Download the YAML file


Copy paste the values into the above YAML File

Append the following code at the end of the YAML file

Note: Note: kindly maintain the indentation of the code.

        value: ""
      - name: KAFKA_PORT
        value: "9095"
      - name: HUBBLE_URL
        value: "hubble-relay.kube-system.svc.cluster.local"
      - name: HUBBLE_PORT
        value: "80"
      - name: KUBEARMOR_URL
        value: "kubearmor.kube-system.svc.cluster.local
      - name: KUBEARMOR_PORT
        value: "32767"
        value: "/home/feeder-service/ca.pem"
        value: "/home/feeder-service/user.p12"
        value: "REhtSHdOWXkyMkF0"

Apply the YAML file

kubectl apply -f <yaml file name> -n <namespace>

Set the env of Feeder Service

kubectl set env deploy/feeder -n feeder-service tenant_id=51 cluster_id=345
Back to top