Cloud Experts Documentation

Deploying Red Hat Advanced Cluster Security in ARO/ROSA

Last edited
Published
Authors
Roberto Carratalá, 
Connor Wooley
Tags: ACS ARO ROSA

This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.

This document is based in the RHACS workshopexternal link (opens in new tab) and in the RHACS official documentation .

Prerequisites

  1. An ARO cluster or a ROSA cluster .

Set up the OpenShift CLI (oc)

  1. Download the OS specific OpenShift CLI from Red Hat

  2. Unzip the downloaded file on your local machine

  3. Place the extracted oc executable in your OS path or local directory

Login to ARO / ROSA

  • Login to your ARO / ROSA clusters with user with cluster-admin privileges.

Installing Red Hat Advanced Cluster Security in ARO/ROSA

For install RHACS in ARO/ROSA you have two options:

  • Option 1 - Manual Installation
  • Option 2 - Automated Installation using Ansible

Option 1 - Manual Installation

For install RHACS using the Option 1 - Manual installation:

  1. Follow the steps within the RHACS Operator Installation Workshopexternal link (opens in new tab) to install the RHACS Operator.

  2. Follow the steps within the RHACS Central Cluster Installation Workshopexternal link (opens in new tab) to install the RHACS Central Cluster.

  3. Follow the steps within the RHACS Secured Cluster Configurationexternal link (opens in new tab) , to import the ARO/ROSA cluster into RHACS.

Option 2 - Automated Installation using Ansible

For install the RHACS in ROSA/ARO you can use the rhacs-demo repositoryexternal link (opens in new tab) that will install RH-ACS using Ansible playbooks:

  1. Clone the rhacm-demo repo and install the galaxy collection:
ansible-galaxy collection install kubernetes.core
pip3 install kubernetes jmespath
git clone https://github.com/rh-mobb/rhacs-demo
cd rhacs-demo
  1. Deploy the RHACS with the ansible-playbook command:
ansible-playbook rhacs-install.yaml

This will install RHACS and also a couple of example Apps to demo. If you want just the plain RHACS installation, use the rhacs-only-install.yaml playbook.

Deploying Example Apps for demo RHACS

  1. Deploy some example apps for demo RHACS policies and violations:
oc new-project test

oc run shell --labels=app=shellshock,team=test-team \
--image=vulnerables/cve-2014-6271 -n test

oc run samba --labels=app=rce \
--image=vulnerables/cve-2017-7494 -n test

Interested in contributing to these docs?

Collaboration drives progress. Help improve our documentation The Red Hat Way.

GitHub Edit this page
Red Hat logo LinkedIn YouTube Facebook Twitter

Products

Tools

Try, buy & sell

Communicate

About Red Hat

We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Subscribe to our newsletter, Red Hat Shares

Sign up now © 2023 Red Hat, Inc.