The Lacework agent can be deployed across a Kubernetes cluster as a daemonset. Lacework supports the following release combinations:
| Kubernetes Release |
| v1.17.x |
| v1.16.x |
| v1.15.x |
| v1.14.x |
| v1.13.x |
| v1.12.x |
| v1.11.x |
| v1.10.x |
| v1.9.x |
Support for Kubernetes releases v1.8.x and v1.7.11 have been deprecated.
If you are using a different combination of releases, please contact Lacework for assistance.
Deploy on Kubernetes
-
In the Lacework Console, download the two Kubernetes YAML files. Select Settings > Agents. Either use an existing agent access token or create a new agent token by clicking + Create New. Click Install Options. Click each of the Kubernetes download icons.
-
Using the kubectl command line interface, add the Lacework configuration file into the cluster.
$ kubectl create -f lacework-cfg-k8s.yaml -
Instruct the Kubernetes orchestrator to deploy an agent on all nodes in the cluster, including the master.
$ kubectl create -f lacework-k8s.yaml -
Repeat the above steps for each Kubernetes cluster.
The config.json file is embedded in the lacework-cfg-k8s.yaml file. To customize FIM or add tags in a Kubernetes environment, edit the configuration section of the YAML file and push the revised lacework-cfg-k8s.yaml file to the cluster using the following command.
$ kubectl replace -f lw-k8s-cfg.yaml
Kubernetes Cluster Name
For information about how Lacework collects the cluster name from tags, see How Lacework Derives the Kubernetes Cluster Name.