Hi, everyone!
I'm joining DigitalOcean Kubernetes Challenge. The topic that I pick about "Deploy a security and compliance system". It's great!
Prerequisite tools:
- kubectl. Documentation about installation is here.
- doctl. Documentation about installation is here.
- helm. Documentation about installation is here.
Main step
- Make sure you are already installed
kubectl
,doctl
andhelm
. - Setup and create the DigitalOcean Managed Kubernetes cluster, if you didn't create if before. Want to know more? Visit the documentation here.
- Install Falco to kubernetes cluster. This is unusual step, since usually we install Falco in different machine to avoid interruption when the kubernetes cluster is compromised. To install to a machine, you can see here. To install within kubernetes cluster, we can see this document, this is the step that we will use and we will use helm.
Setup and Create DigitalOcean Managed Kubernetes cluster
I have video about setup and create DigitalOcean Managed Kubernetes cluster. After that, we setup kubectl to connect with the cluster.
Step by step summary:
- Install kubectl
- Install doctl
- Create DigitalOcean Managed Kubernetes cluster through the web interface
- Connectl kubectl to the created cluster using doctl
Setup Falco to kubernetes cluster
Step summary:
- Install falco using helm
- Check the cluster, should have pods with name
falco
and have running status.
Try Falco and check the logs
- I try to deploy nginx just as other pods. You can see here. The deployment file that I use and give name
deployment.yml
:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1.14.2
ports:
- containerPort: 80
Deploy the nginx,
kubectl apply -f deployment.yml
.Monitor logs the Falco pods.
Here is the video sample:
Thank you
Thank you. Hope you enjoy it! Any comments or suggestions? Feel free to comment below.
Top comments (0)