Requirements:
- helm
- kubectl
- curl
- Open the
0-config.envfile and configure each parameters - Open and edit
target_k8s_clusters.txtto list all your k8s cluster (to generate configs) - Open and edit
target_openshift_clusters.txtto list all your OpenShift clusters
To generate all files from the configuration defined in 0-config.env, run the command :
make
Once all of your templates/overlays/configs are ready, you can generate the manifest with Kustomize for a specific cluster.
For cluster : k8s-us-cluster-1:
kustomize build config/overlays/k8s-us-cluster-1/falcon-kubernetes-protection-agent
kustomize build config/overlays/k8s-us-cluster-1/falcon-sensorFor cluster : openshift-us-cluster-1:
kustomize build config/overlays/openshift-us-cluster-1/falcon-kubernetes-protection-agent
kustomize build config/overlays/openshift-us-cluster-1/falcon-sensorOpen the 0-config.env file and configure each parameters
Once your 0-config.env file is ready, you can run this command to generate everything.
makeDone via the script 1-generate_base_template.sh
This script is generating manifests from the Helm charts with some parameters :
- without hooking (
--no-hooks) - for Openshift manifest (
--api-versions "security.openshift.io/v1")
Done via the script 2-generate_overlays.sh
This script is reading file target_openshift_clusters.txt and target_k8s_clusters.txt to create all directories for each cluster listed in these files.
Done via the script 3-generate_configs.sh
This script is generating the default/base config files:
config/base/falcon-sensor/daemonset/config/falcon.env:- Default CID
- Default Tags
- Default Proxy
config/base/falcon-kubernetes-protection/secrets/.dockerconfigjson- Secret to pull Kubernetes Protection Agent from CrowdStrike Registry
config/base/falcon-kubernetes-protection/secrets/api-secret.env- API Client Secret for the Kubernetes Protection Agent to send data to CS Cloud
config/base/falcon-kubernetes-protection/config/api-client-id.env- API Client ID for the Kubernetes Protection Agent to send data to CS Cloud