The Lacework agent can be deployed across a Kubernetes cluster as a daemonset. Lacework supports the following release combinations:
| Kubernetes Release |
| v1.7.11 |
| v1.8.x |
| v1.9.x |
| v1.10.x |
| v1.11.x |
If you are using a different combination of releases, please contact Lacework for assistance. To begin deployment, download the 2 Kubernetes YAML files from the agent tab in the Lacework Console.
- Using the kubectl command line interface, add the Lacework configuration file into the cluster:
$ kubectl create -f lacework-cfg-k8s.yaml
- Instruct the Kubernetes orchestrator to deploy an agent on all nodes in the cluster, including the master:
$ kubectl create -f lacework-k8s.yaml
Repeat the above for each Kubernetes cluster.
To customize FIM or add tags in a kubernetes environment, config.json is embedded in the lacework-cfg-k8s.yaml file. You can edit the configuration section of the YAML file and push the revised lacework-cfg-k8s.yaml file to the cluster using:
$kubectl replace -f lw-k8s-cfg.yaml