From a794cc6469b2e89cd9da08bf30a8e4b54fa5681c Mon Sep 17 00:00:00 2001 From: kikiodazie Date: Thu, 17 Nov 2022 13:06:33 +0100 Subject: [PATCH] Update Cilium installation steps This commit removes the `cilium install` output and adds a proper explanation of the Cilium installation. Signed-off-by: Divine Odazie --- .../cilium-network-policy.md | 56 +++++++++---------- 1 file changed, 26 insertions(+), 30 deletions(-) diff --git a/content/en/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy.md b/content/en/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy.md index 74b8d2182e675..9a496d39a644a 100644 --- a/content/en/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy.md +++ b/content/en/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy.md @@ -41,44 +41,40 @@ minikube version: v1.5.2 minikube start --network-plugin=cni ``` -For minikube you can install Cilium using its CLI tool. Cilium will -automatically detect the cluster configuration and will install the appropriate -components for a successful installation: +For minikube you can install Cilium using its CLI tool. To do so, first download the latest +version of the CLI with the following command: ```shell curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz +``` + +Then extract the downloaded file to your `/usr/local/bin` directory with the following command: + +```shell sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin rm cilium-linux-amd64.tar.gz -cilium install -``` ``` -🔮 Auto-detected Kubernetes kind: minikube -✨ Running "minikube" validation checks -✅ Detected minikube version "1.20.0" -ℹī¸ Cilium version not set, using default version "v1.10.0" -🔮 Auto-detected cluster name: minikube -🔮 Auto-detected IPAM mode: cluster-pool -🔮 Auto-detected datapath mode: tunnel -🔑 Generating CA... -2021/05/27 02:54:44 [INFO] generate received request -2021/05/27 02:54:44 [INFO] received CSR -2021/05/27 02:54:44 [INFO] generating key: ecdsa-256 -2021/05/27 02:54:44 [INFO] encoded CSR -2021/05/27 02:54:44 [INFO] signed certificate with serial number 48713764918856674401136471229482703021230538642 -🔑 Generating certificates for Hubble... -2021/05/27 02:54:44 [INFO] generate received request -2021/05/27 02:54:44 [INFO] received CSR -2021/05/27 02:54:44 [INFO] generating key: ecdsa-256 -2021/05/27 02:54:44 [INFO] encoded CSR -2021/05/27 02:54:44 [INFO] signed certificate with serial number 3514109734025784310086389188421560613333279574 -🚀 Creating Service accounts... -🚀 Creating Cluster roles... -🚀 Creating ConfigMap... -🚀 Creating Agent DaemonSet... -🚀 Creating Operator Deployment... -⌛ Waiting for Cilium to be installed... + +After running the above commands, you can now install Cilium with the following command: + +```shell +cilium install ``` +Cilium will then automatically detect the cluster configuration and create and +install the appropriate components for a successful installation. +The components are: + +- Certificate Authority (CA) in Secret `cilium-ca` and certificates for Hubble (Cilium's observability layer). +- Service accounts. +- Cluster roles. +- ConfigMap. +- Agent DaemonSet and an Operator Deployment. + +After the installation, you can view the overall status of the Cilium deployment with the `cilium status` command. +See the expected output of the `status` command +[here](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/#validate-the-installation). + The remainder of the Getting Started Guide explains how to enforce both L3/L4 (i.e., IP address + port) security policies, as well as L7 (e.g., HTTP) security policies using an example application.