Install CloudDefense Helm on a Kubernetes Cluster
Last updated
Last updated
A kubernetes cluster whose nodes have to linux/amd64 architecture
Helm (v3 or above)
Kubernetes Cluster (kubectl)
Minimum Requirement - 1 Node (2 vCPU 8 GB RAM)
Recommended Requirements - 2 Nodes (2 vCPUs 16 GB RAM)
Helm (v3 or above)
Managed Postgres Instance for ex. AWS RDS (db.r5.large)
Kubernetes Cluster (kubectl) On Demand Nodes in Node Groups with Labels
Node Groups Node Type
Node Groups Node Type
Download the kafka helm repo (bitnami)
Install kafka helm
clone https://github.com/CloudDefenseAI/charts create roles, role binding and service accounts
2. create secrets
3. add helm repo
4. Install cdefense
4. update/upgrade
In order to sign in with different identity providers (for ex. github), create ID and secrets
Create a New OAuth App
Homepage URL is the base_url
Authorization callback URL is https://{base_url}/auth/realms/cdefense/broker/github/endpoint
Create secrets on kubernetes cluster
Create a secret for authservice or use a yaml file
2. Restart authservice pod
Debugging and Troubleshooting
Pod Description Steps
| Node Groups | Node Type | Level | Min Nodes | Max Nodes |
|---|---|---|---|---|
external
t3.medium (2vCPU 4GB)
on-demand
1
4
auth
t3.medium (2vCPUs 4GB)
on-demand
1
4
api
c5.large (2vCPUs 4GB)
on-demand
1
4
web
t3.medium (2vCPUs 2GB)
on-demand
1
4
job
C6i.large (2vCPUs 4GB)
spot
1
4
