Quick Start Guide for Using KubeArmor on Oracle Marketplace
This guide will help you get started with KubeArmor from the Oracle Marketplace. Follow these steps to find, install, and start using our product. If you have any questions feel free to connect with KubeArmor community on slack.
KubeArmor support OKE, bringing it’s functionality and integration capabilities. For a more detailed explanation of this support, check out this post.
- Go to Oracle Marketplace Applications.
- In the search bar, type “kubearmor” and press Enter.
- Find KubeArmor in the search results and click on it to view the product details.
- Click the "Export Package" button on the product details page.
- Export the package to an existing or new reposirtory.
- After exporting, you'll need to configure the Helm chart to reference the images from the target repository where the package was exported.
- lets take a look at helm configurations of the KubeArmor helm chart to understand how the images are referenced.
oci_meta:
# oci registry "<host/namespace>"
repo: <ocir host/ tenant namespace>
# repositories
images:
#after rendering the image will be parsed as "repo/image:tag"
kubearmor:
image: kubearmor
tag: v1.3.2
kubearmorInit:
image: kubearmor-init
tag: v1.3.2
kubearmorRelay:
image: kubearmor-relay-server
tag: v1.2.1
kubearmorController:
image: kubearmor-controller
tag: v1.3.2
kubearmorSnitch:
image: kubearmor-snitch
tag: v1.3.2
kubearmorOperator:
image: kubearmor-operator
tag: v1.3.2
kubeRbacProxy:
image: kube-rbac-proxy
tag: v0.15.0
- To ensure you're referencing the correct image from the target repository, use the appropriate tag. For instance, if you imported the package into the “test-kubearmor” repository, the exported images will have a unique tag with a - suffix.
test-kubearmor (Private)
test-kubearmor:1.3.2
test-kubearmor:F47G5-pe2pq1ent5hi-xxx-kubearmor-operator-v1.3.2
test-kubearmor:IZZva-pe2pq1ent5hi-xxx-kubearmor-init-v1.3.2
test-kubearmor:JdCvI-pe2pq1ent5hi-xxx-kubearmor-controller-v1.3.2
test-kubearmor:RCpw8-pe2pq1ent5hi-xxx-kubearmor-v1.3.2
test-kubearmor:TrZxK-pe2pq1ent5hi-xxx-kubearmor-snitch-v1.3.2
test-kubearmor:WzucV-pe2pq1ent5hi-xxx-kubearmor-relay-server-v1.2.1
test-kubearmor:uXcpz-pe2pq1ent5hi-xxx-kube-rbac-proxy-v0.15.0
To reference the correct image for an application or microservice, match the tag with the suffix containing the application name and its tag. For example, to reference the image:
For example to reference the image:
kubearmorInit:
image: kubearmor-init
tag: v1.3.2
the complete image reference would be test-kubearmor:IZZva-pe2pq1ent5hi-xxx-kubearmor-init-v1.3.2.
Thus, the final Helm installation command will look like this:
helm install kubearmor oci://<ocir host>/test-kubearmor --version 1.3.2 \
--set oci_meta.repo="<ocir host>/<
--set oci_meta.images.kubearmor.
--set oci_meta.images.kubearmor.tag=
--set oci_meta.images.kubearmorInit.
--set oci_meta.images.kubearmorInit.
....
After Installing KubeArmor using helm, ensure all the applications and containers are up and running.
Kubectl get pods -n <release-namespace>
NAME READY STATUS RESTARTS AGE
kubearmor-operator-6b458f9779-764p6 1/1 Running 3 (46h ago) 12d
kubearmor-relay-5b5458dfd8-jvpq6 1/1 Running 3 (46h ago) 12d
kubearmor-controller-647bd659d4-rh594 2/2 Running 4 (46h ago) 2d
kubearmor-bpf-containerd-98c2c-glrff 1/1 Running 3 (46h ago) 12d
- After Installing KubeArmor.
- Explore the KubeArmor security policies and familiarize yourself with the features. Check out the sample policies provided here with getting started guide
- If you encounter issues or have questions, reach out to KubeArmor community at slack.
- Review our FAQs and Documentation for common questions and solutions.
