GKE with COS and Ubuntu
Overview¶
This user journey guides you to install and verify the compatibility of Cilium on GKE with COS and Ubuntu by applying policies on kubernetes workloads.
Step 1: Install Daemonsets & Services¶
curl -s https://raw.githubusercontent.com/accuknox/tools/main/install.sh | bash
Note: This will Install all the components.
Step 2: Verify the Installation¶
Kubectl get pods -A
Step 3: Install sample K8's Application¶
kubectl apply -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/examples/wordpress-mysql/wordpress-mysql-deployment.yaml
Step 4: Verify the Installation¶
kubectl get pods -n wordpress-mysql
Step 5: Get Auto discovered policies¶
curl -s https://raw.githubusercontent.com/accuknox/tools/main/get_discovered_yamls.sh | bash
Step 6: Applying Auto discovered policies on Cluster¶
These policies can then be applied on the k8s cluster running Cilium.
Auto-discovery-policy service will audit the process and network and will give policies to allow only those processes and network.
Apply Cilium policy:
kubectl apply -f cilium_policies.yaml
To list applied policies,
kubectl get ksp,cnp -A

To uninstall all the services Installed:
curl -s https://raw.githubusercontent.com/accuknox/tools/main/uninstall.sh | bash
kubectl delete -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/examples/wordpress-mysql/wordpress-mysql-deployment.yaml