<< PREVIOUS  NEXT >>

 

VSP COMPONENT INSTALLATION IN APPLICATION CONTAINER (CI PHASE)

 

For VSP Web or VSP Memory, the application base container is transformed into a new container with “-vsp” appended to the name. This transformation is performed by Virsec Deployment Tool (VDT). 

  1. Log in to the Kubernetes node that has access to the Application image, VSP LFR and VSP CMS

  2. Execute the below commands to  transform application container to VSP-integrated application container:

    1. mkdir -p vsp/<ApplicationName>

       

       

    2. cd vsp/<ApplicationName>

       

       

    3. wget http://<LFR_IPAddress>/vsp/vsp_vdt_ci.sh && chmod +x vsp_vdt_ci.sh

       

       

    4. For Help on the script usage:

      ./vsp_vdt_ci.sh -h

       

       

    5. Method 1: Interactive

       

      ./vsp_vdt_ci.sh -b <BaseImageName>

       

       

      1. When prompted, select the appropriate VSP Controller configuration:

        Provide “1” to install VSP Controller in application container

      2. Parameter: “-m”:  Provide “1” to modify the entrypoint of the container image and start the VSP services automatically. The default method used by VSP relies on an injected library to start the VSP services

    6. Method 2: Automated

       

      ./vsp_vdt_ci.sh -b <BaseImageName> -s <VSP Controller deployment type>

       

       

      1. Parameter: “-s”: Provide the VSP Controller Deployment Type as below:

        “1” to install VSP Controller in application container

      2. Parameter: “-m”: Provide “1” to modify the entrypoint of the container image and start the VSP services automatically. The default method used by VSP relies on an injected library to start the VSP services

    7. Parameter: “-u”: Use this parameter if CMS is deployed with custom certificates. Refer Section VSP CMS Deployment for more information

  3. To execute custom configuration steps, utilize the below optional parameters:

    1. Parameter: “-C”: Provide the configuration script file path. This script will be executed before the installation. Ensure that the file contains Dockerfile compatible instructions

      1. Sample Usage: ./vsp_vdt_ci.sh -C <PreInstallationConfigScript>

    2. Parameter: “-P”: Provide the configuration script file path. This script will be executed after the installation

      1. Sample Usage: ./vsp_vdt_ci.sh -P <PostInstallationConfigScript>

    3. These parameters can be utilized to set up proxy server for installation of dependencies and later revert the changes

  4. Once the script vsp_vdt_ci.sh is executed, a new application image with “-vsp” appended to the image name is created

  5. Verification: The application on CMS has the below icons: 

    1. Lock symbol – To prevent further updates on CMS

    2. Green Checkmark – To indicate CI tool execution

 

<< PREVIOUS  NEXT >>