Skip to content

Ubuntu 20.04

Overview

This user journey guides you to install and verify the compatibility of Kuberarmor on Ubuntu 20.04 with 5.13 Kernel Version by applying policies on VM workloads.

Step 1: Install Kubearmor on VM

Install pre-requisites:

sudo apt update && sudo apt upgrade
sudo apt install make llvm clang libelf-dev linux-headers-generic
sudo apt install bpfcc-tools linux-headers-$(uname -r)

For bpftool install any of the packages for system environment:

 sudo apt install linux-intel-iotg-5.15-tools-common
 sudo apt install linux-oem-5.6-tools-common
 sudo apt install linux-tools-common
 sudo apt install linux-iot-tools-common
 sudo apt install linux-tools-gcp
 sudo apt install linux-cloud-tools-gcp

To install KubeArmor:

Note: Copy this whole below command and run it in your terminal.

curl -s https://api.github.com/repos/kubearmor/KubeArmor/releases/latest \
| grep "browser_download_url.*deb" \
| cut -d : -f 2,3 \
| tr -d \" \
| wget -qi -
sudo dpkg -i kubearmor_*_linux-amd64.deb

Alt

If above error occurs, Run:

sudo apt --fix-broken install

Alt

Start and Check the status of Kubearmor:

sudo systemctl start kubearmor
sudo systemctl enable kubearmor
sudo systemctl status kubearmor

Alt

Step 2: Apply and Verify Kubearmor system policy

cat khp-example-vmname.yaml
apiVersion: security.kubearmor.com/v1
kind: KubeArmorHostPolicy
metadata:
  name: khp-02
spec:
  severity: 5
  file:
    matchPaths:
    - path: /proc/cpuinfo
  action:
    Block

karmor vm --kvms policy add khp-example-vmname.yaml
Output:

success

Note: With the above mentioned policy enforced in the VM, if a user tries to access /proc/cpuinfo file, user will see permission denied error and karmor log will show the alert log for blocking the file access.

Step 3: Violating the policy

cat /proc/cpuinfo

Alt

Verifying policy Violation logs:

curl -sfL https://raw.githubusercontent.com/kubearmor/kubearmor-client/main/install.sh | sudo sh -s -- -b /usr/local/bin
karmor log

Alt

Back to top