Skip to content

Latest commit

 

History

History
90 lines (74 loc) · 3.39 KB

kubernetes.md

File metadata and controls

90 lines (74 loc) · 3.39 KB

Kubernetes

Requirements

Setup

Create a Kubernetes Cluster to deploy Anchore Enterprise. In this example I use Kind, but feel free to use your own.

cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
name: anchore
nodes:
- role: control-plane
  image: kindest/node:v1.29.4@sha256:3abb816a5b1061fb15c6e9e60856ec40d56b7b52bcea5f5f1350bc6e2320b6f8
  extraPortMappings:
  - containerPort: 80
    hostPort: 80
    protocol: TCP
  - containerPort: 443
    hostPort: 443
    protocol: TCP
- role: worker
  image: kindest/node:v1.29.4@sha256:3abb816a5b1061fb15c6e9e60856ec40d56b7b52bcea5f5f1350bc6e2320b6f8
EOF

Ensure kubectl is installed and pointing to your cluster.

kubectl cluster-info
Kubernetes control plane is running at https://127.0.0.1:51735
CoreDNS is running at https://127.0.0.1:51735/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

Create a K8s namespace, which will be used to deploy Anchore Enterprise.

kubectl create namespace anchore

Store your License, DockerHub and Anchore Credentials as Kubernetes Secrets. These will be used by your Anchore Deployment. Be sure to change and to those you were supplied.

cd ./labs/Deployment

kubectl create secret generic anchore-enterprise-license \
--from-file=license.yaml=./license.yaml -n anchore

kubectl create secret docker-registry anchore-enterprise-pullcreds \
--docker-server=docker.io --docker-username=<your-docker-username> --docker-password=<your-docker-password> -n anchore

kubectl create secret generic anchore-enterprise-env \
--from-literal=ANCHORE_DB_HOST=anchore-postgresql --from-literal=ANCHORE_DB_NAME=anchore \
--from-literal=ANCHORE_DB_USER=anchore --from-literal=ANCHORE_DB_PORT=5432 \
--from-literal=ANCHORE_DB_PASSWORD=anchore-postgres,123 --from-literal=ANCHORE_ADMIN_PASSWORD=anchore12345 -n anchore

kubectl create secret generic anchore-enterprise-ui-env \
--from-literal=ANCHORE_APPDB_URI=postgres://anchore:anchore-postgres,123@anchore-postgresql:5432/anchore \
--from-literal=ANCHORE_REDIS_URI=redis://:anchore-redis,123@anchore-ui-redis-master:6379 -n anchore

Run Helm install to spin up Anchore Enterprise.

helm repo add anchore https://charts.anchore.io
helm install -n anchore anchore anchore/enterprise -f values.yaml --version 3.2.0 # 5.12.0

Run port forwarding to get access to the Anchore Enterprise Web UI.

kubectl port-forward svc/anchore-enterprise-ui -n anchore 3000:80

Run port forwarding to get access to the Anchore Enterprise API.

kubectl port-forward svc/anchore-enterprise-api -n anchore 8228:8228

Keep these port-forward commands running as you use Anchore Enterprise and AnchoreCTL/APIs

Access the Anchore Enterprise Web UI by visiting http://localhost:3000/ and use the following credentials to login:

  • username: admin
  • password: anchore12345

Next Step

Now that you have Anchore Enterprise operational, proceed to the next step of the lab.