<< PREVIOUS NEXT >> 

 

CD PHASE

  1. Create a secret for Virsec Container Registry using the below command:

    1. kubectl create secret docker-registry regcred --docker-server="vartifacts.jfrog.io" --docker-username="<Virsec_Artifactory_username>" --docker-password="<Virsec_Artifactory_password>" -n <Target_Namepace>

       

  2. Create a secret for Application Container Registry using the below command (if  required):

    1. kubectl create secret docker-registry regcred-app --docker-server="<Docker_Server>" --docker-username="<Docker_username>" --docker-password="<Docker_password>" -n <Target_Namepace>

       

  3. Create Configuration for VSP-Host only

    1. Config Map for Debian Buster Slim containers:

      1. mkdir deb_buster_slim

         

         

      2. cd deb_buster_slim

         

         

      3. wget http://<LFR_IPAddress>/vsp/ld.so.preload

         

      4. wget http://<LFR_IPAddress>/vsp/entrypoint_virsec_host.sh

         

      5. wget http://<LFR_IPAddress>/vsp/debian/10/libvsp-hmm-agent.so

         

      6. kubectl create configmap vsp-hmm-deb-buster-slim --from-file ld.so.preload --from-file entrypoint_virsec_host.sh --from-file libvsp-hmm-agent.so

         

  4. Patch the yaml file

    1. Log in to the Artifactory site using Virsec-provided credentials from the local machine

    2. Navigate to the directory vsp > ReleaseNumber > Helm and download the below files

      1. vsp_vdt_cd_kustom.sh

      2. vsp_vdt_cd_kustom_wrapper.sh

      3. VSP_Kustomization_Template.csv

    3. Modify the file VSP_Kustomization_Template.csv with the below content

Picture 41

 

metadata-name

kind

container-name

container-image

configmap

host-only

alpine

yaml-file-location

gitlab-gitaly

StatefulSet

gitaly

registry.gitlab.com/gitlab-org/build/cng/gitaly:v13.12.0

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/gitlab/charts/gitaly/templates/statefulset.yml

gitlab-gitlab-exporter

Deployment

gitlab-exporter

registry.gitlab.com/gitlab-org/build/cng/gitlab-exporter:10.2.0

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/gitlab/charts/gitlab-exporter/templates/deployment.yaml

gitlab-gitlab-shell

Deployment

gitlab-shell

registry.gitlab.com/gitlab-org/build/cng/gitlab-shell:v13.18.0

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/gitlab/charts/gitlab-shell/templates/deployment.yaml

gitlab-postgresql

StatefulSet

gitlab-postgresql

docker.io/bitnami/postgresql:11.9.0

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/postgresql/templates/statefulset.yaml

gitlab-redis-master

StatefulSet

redis

docker.io/bitnami/redis:6.0.9-debian-10-r0

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/redis/templates/redis-master-statefulset.yaml

gitlab-redis-master

StatefulSet

metrics

docker.io/bitnami/redis-exporter:1.12.1-debian-10-r11

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/redis/templates/redis-master-statefulset.yaml

gitlab-registry

Deployment

registry

registry.gitlab.com/gitlab-org/build/cng/gitlab-container-registry:v3.2.1-gitlab

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/registry/templates/deployment.yaml

gitlab-sidekiq-all-in-1-v1

Deployment

sidekiq

vartifacts.jfrog.io/virsec/gitlab-sidekiq-ee:v13.12.0

none

0

0

./gitlab/charts/gitlab/charts/sidekiq/templates/deployment.yaml

gitlab-task-runner

Deployment

task-runner

registry.gitlab.com/gitlab-org/build/cng/gitlab-task-runner-ee:v13.10.2

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/gitlab/charts/task-runner/templates/deployment.yaml

gitlab-webservice-default

Deployment

webservice

vartifacts.jfrog.io/virsec/gitlab-webservice-ee:v13.10.2

none

0

0

./gitlab/charts/gitlab/charts/webservice/templates/deployment.yaml

gitlab-webservice-default

Deployment

gitlab-workhorse

registry.gitlab.com/gitlab-org/build/cng/gitlab-workhorse-ee:v13.12.0

vsp-hmm-deb-buster-slim

1

0

./gitlab/charts/gitlab/charts/webservice/templates/deployment.yaml

Table – VSP_Kustomization_Template.csv values

  1. Use either Method 1 or 2 described below

METHOD 1: USING SCRIPT

  1. cd rendered

     

     

  2. ./vsp_vdt_cd_kustom_wrapper.sh -c VSP_Kustomization_Template.csv -s regcred-app

     

METHOD 2: USING DOCKER COMMAND

  1. docker run -it --rm -v /home/ubuntu/myapp/:/kustom-base -v /home/ubuntu/myapp/VSP_Kustomization_Template.csv:/input.csv -v /home/ubuntu/myapp/vsp_sidecar_frag.yaml:/kustom-base/vsp_sidecar_frag.yaml -e IMAGE_PULL_SECRET=app-regcred vartifacts.jfrog.io/virsec/vsp-cd:2.5.0

     

<< PREVIOUS NEXT >>