Follow the Getting started with Amazon EKS guide
Install eksctl on your local system
curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp
sudo mv /tmp/eksctl /usr/local/bin
eksctl version
KubeArmor needs kernel headers installed on each node, so we create an EKS cluster the following configuration
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: kubearmor-ub20
region: us-east-2
nodeGroups:
- name: ng-1
amiFamily: "Ubuntu2004"
desiredCapacity: 1
ssh:
allow: true
preBootstrapCommands:
- "sudo apt install linux-headers-$(uname -r)"Create it using eksctl
eksctl create cluster -f ./eks-config.yaml
Deploy KubeArmor using the following yaml file
kubectl apply -f https://raw.githubusercontent.com/kubearmor/KubeArmor/master/deployments/EKS/kubearmor.yaml
KubeArmor on RedHat based Linux distributions currently supports the audit mode only, which means that you are not able to enforce security policies while the events related to the policies can be audited.
KubeArmor needs kernel headers installed on each node, so we create an EKS cluster the following configuration
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: kubearmor-cluster
region: us-east-2
nodeGroups:
- name: ng-1
desiredCapacity: 2
ssh:
allow: true
preBootstrapCommands:
- "sudo yum install -y kernel-devel-$(uname --kernel-release)"Create it using eksctl:
eksctl create cluster -f ./eks-config.yaml
Deploy KubeArmor using the following yaml file
kubectl apply -f https://raw.githubusercontent.com/kubearmor/KubeArmor/master/deployments/EKS/kubearmor.yaml