GKE with COS and Ubuntu
Overview¶
This user journey guides you to install and verify the compatibility of Kuberarmor on GKE with COS and Ubuntu by applying policies on kubernetes workloads.
Step 1: Install Daemonsets & Services¶
curl -s https://raw.githubusercontent.com/accuknox/tools/main/install.sh | bash
Note: This will Install all the components.
Step 2: Verify the Installation¶
Kubectl get pods -A
Step 3: Install sample K8's Application¶
kubectl apply -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/examples/wordpress-mysql/wordpress-mysql-deployment.yaml
Step 4: Verify the Installation¶
kubectl get pods -n wordpress-mysql
Step 5: Get Auto discovered policies¶
curl -s https://raw.githubusercontent.com/accuknox/tools/main/get_discovered_yamls.sh | bash
Step 6: Applying Auto discovered policies on Cluster¶
These policies can then be applied on the k8s cluster running KubeArmor.
Auto-discovery-policy service will audit the process and network and will give policies to allow only those processes and network.
Apply Kubearmor policy:
kubectl apply -f kubearmor_policies_default_wordpress-mysql_wordpress_divgfyof.yaml
To uninstall all the services Installed:
curl -s https://raw.githubusercontent.com/accuknox/tools/main/uninstall.sh | bash
kubectl delete -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/examples/wordpress-mysql/wordpress-mysql-deployment.yaml