Skip to content

GKE with COS and Ubuntu

Overview

This user journey guides you to install and verify the compatibility of Cilium on GKE with COS and Ubuntu by applying policies on kubernetes workloads.

Step 1: Install Daemonsets & Services

curl -s https://raw.githubusercontent.com/accuknox/tools/main/install.sh | bash

Note: This will Install all the components.

Step 2: Verify the Installation

Kubectl get pods -A

Alt

Step 3: Install sample K8's Application

kubectl apply -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/examples/wordpress-mysql/wordpress-mysql-deployment.yaml

Step 4: Verify the Installation

kubectl get pods -n wordpress-mysql

Alt

Step 5: Get Auto discovered policies

curl -s https://raw.githubusercontent.com/accuknox/tools/main/get_discovered_yamls.sh | bash

Alt

Step 6: Applying Auto discovered policies on Cluster

These policies can then be applied on the k8s cluster running Cilium.

Auto-discovery-policy service will audit the process and network and will give policies to allow only those processes and network.

Apply Cilium policy:

kubectl apply -f cilium_policies.yaml

To list applied policies,

kubectl get ksp,cnp -A
Alt

To uninstall all the services Installed:

curl -s https://raw.githubusercontent.com/accuknox/tools/main/uninstall.sh | bash

kubectl delete -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/examples/wordpress-mysql/wordpress-mysql-deployment.yaml
Back to top