Skip to main content

Installing the Console on Kubernetes

  • Updated

Requirements

  • kubectl v1.18 or higher
  • eksctl (optional)
  • Google Cloud Platform service account key file which will be provided to you by Capsule8
    • Save the key file provided to you by Capsule8 file locally to ~/.capsule8/service-account.json 
    • Make a note of the email address in that file. 
  • Additional requirement can be found here 

The Kubernetes manifest yaml file will install the Capsule8 Console, Capsule8 Sensor, and a Postgres database for evaluation purposes.

Steps to Installing the Console on Kubernetes

Please perform the following steps as shown below:

1. Initial Setup Verification

Before starting, verify that kubectl is configured to point to your target installation cluster

# Verify the correct cluster is selected
$ kubectl config current-context

2. Create Kubernetes Secret

Set an environment variable in the terminal that you plan on using:

$ export CAPSULE8_SERVICE_ACCOUNT_EMAIL=${SERVICE_ACCOUNT_EMAIL}

Replace ${SERVICE_ACCOUNT_EMAIL} with the email from your service account key file before running the following kubectl command to create a new Kubernetes Secret. This secret will be used to authenticate your kubelet so that it can pull from our private container registry.

$ kubectl create secret docker-registry capsule8-registry-secret  \
  --docker-username=_json_key                                     \
  --docker-server=https://us.gcr.io                               \
  --docker-email=$CAPSULE8_SERVICE_ACCOUNT_EMAIL                  \
  --docker-password="$(cat ~/.capsule8/service-account.json)"

Now run the below command to see your new Secret:

$ kubectl get secrets

You should now see your new Secret. This secret will be used to authenticate your kubelet so that it can pull from our private container registry although other registries can be used.

Note: Please note that access is granted specifically for our manifests which references the K8s docker-registry capsule8-registry-secret

3. Apply the Manifest

Download a copy of the manifest provided by Capsule8 and apply it:

# Apply the manifest to create the initial resources
$ kubectl apply -f https://capsule8-assets.s3.amazonaws.com/latest/sensor-console-manifest.yaml
# Wait for the pods to come online
$ kubectl get pods -w
# Port forward the Capsule8 Console
$ kubectl port-forward service/capsule8-console 8080:3030

Open http://localhost:8080 in a browser to access the Console.

Notes:

  • It is recommended that all production deployments use a managed service for the database (e.g. AWS RDS) instead.
  • If you do not already have a test cluster, Capsule8 recommends using eksctl to spin up an EKS cluster which can be as simple as running $ eksctl create cluster. For more information on eksctl, see the official AWS documentation
Was this article helpful?
0 out of 0 found this helpful
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.