
Ubuntu 20.04

Overview

This user journey guides you through installing KubeArmor on Ubuntu 20.04 with kernel version 5.13 and verifying its compatibility by applying policies on Kubernetes workloads.

Step 1: Install KubeArmor on the VM

Install pre-requisites:

apt install bpfcc-tools linux-headers-$(uname -r)
wget https://github.com/kubearmor/KubeArmor/releases/download/v0.2.1/kubearmor_0.2.1_linux-amd64.deb && dpkg -i kubearmor_0.2.1_linux-amd64.deb

If the installation fails with an error, run:

apt --fix-broken install


Start KubeArmor and check its status:

sudo systemctl start kubearmor
sudo systemctl enable kubearmor
sudo systemctl status kubearmor


Step 2: Apply and verify a KubeArmor system policy

cat khp-example-vmname.yaml
apiVersion: security.kubearmor.com/v1
kind: KubeArmorHostPolicy
metadata:
  name: khp-02
spec:
  severity: 5
  file:
    matchPaths:
    - path: /proc/cpuinfo
  action: Block

karmor vm --kvms policy add khp-example-vmname.yaml
Output:

success

Note: With the above policy enforced on the VM, a user who tries to access the /proc/cpuinfo file sees a permission denied error, and karmor log shows an alert for the blocked file access.

Step 3: Violating the policy

cat /proc/cpuinfo


Verify the policy violation logs:

curl -sfL https://raw.githubusercontent.com/kubearmor/kubearmor-client/main/install.sh | sudo sh -s -- -b /usr/local/bin
karmor log
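
To automate this check, the following added example (not part of the KubeArmor documentation) scans alert lines for evidence that policy khp-02 blocked access to /proc/cpuinfo. It assumes alerts arrive as one JSON object per line; the field names PolicyName, Source, Resource, Action and Result are assumptions, and the sample lines are constructed for illustration.

```python
import json

# Field names below are assumptions about the alert JSON, not taken from this page.
def find_block_alerts(lines, policy="khp-02", resource="/proc/cpuinfo"):
    """Return the alerts showing that `policy` blocked access to `resource`."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line.startswith("{"):
            continue  # banner, blank line or other non-JSON output
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or interleaved line
        if (event.get("PolicyName") == policy
                and event.get("Resource") == resource
                and event.get("Action") == "Block"
                and event.get("Result") == "Permission denied"):
            hits.append(event)
    return hits

# Constructed sample lines, not captured from a real host.
SAMPLE = [
    "log stream connected",
    '{"PolicyName": "khp-02", "Source": "/bin/cat", "Resource": "/proc/cpuinfo", '
    '"Action": "Block", "Result": "Permission denied"}',
    '{"PolicyName": "khp-02", "Source": "/bin/cat", "Resource": "/proc/cpuinfo", '
    '"Action": "Audit", "Result": "Passed"}',
    '{"PolicyName": "khp-other", "Source": "/bin/cat", "Resource": "/proc/cpuinfo", '
    '"Action": "Block", "Result": "Permission denied"}',
    '{"PolicyName": "khp-02", "Resource": "/proc/cpu',
]

if __name__ == "__main__":
    alerts = find_block_alerts(SAMPLE)
    for alert in alerts:
        print(f'{alert["PolicyName"]}: {alert["Source"]} denied on {alert["Resource"]}')
    print("policy enforced" if alerts else "no matching Block alert found")
```

An alert that names the policy but carries an action other than Block is deliberately not counted, since it shows the rule matched without the access being denied.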
