Cilium

To use Airlock Microgateway in your Kubernetes cluster with Cilium, follow this guide to deploy the Airlock Microgateway Operator and its resources.

Deploy Airlock Microgateway

  1. Install Cilium according to the documentation (Cilium) Documentation.
  2.  
    Notice

    The Helm value cni.exclusive must be false for the Microgateway CNI plugin to work correctly.

  3.  
    Notice

    Currently we do not support the kube-proxy replacement.

  4. Depending on which Kubernetes distribution you are using, complete the instructions in the corresponding installation guide:
  6. Test Cilium. Use the Cilium CLI tool to verify connectivity.
  7.  
    Terminal box
    cilium connectivity test
  8. Cilium CNI forwards the traffic and is visible using Hubble, and Airlock Microgateway should be up and running.

Prerequisites

  • To use Airlock Microgateway, a valid license is required. Airlock Microgateway is available in a Premium and a free Community edition. To request and configure/change a license, see the article Configuring and monitoring licenses.
  • Cilium has been deployed as described in their documentation (Cilium) Documentation.

What's next

After deploying the Airlock Microgateway Operator in your Kubernetes Cluster, finalizing steps are required.

  1. Configure/change the Airlock Microgateway license. See article Configuring and monitoring licenses.
  2. Annotate the web application Pods to protect as explained in Labels and annotations for Airlock Microgateway.
  3. Create the CustomResources to configure the Airlock Microgateway as outlined in Configuration.