Deploy External S-TAP window

If your site uses Kubernetes to manage clusters, you can install and configure an External S-TAP from the Deploy External S-TAP window.

Deploy External S-TAP window

In the Deploy External S-TAP window, enter the required information in the tabs to deploy a new External S-TAP.
Note: For more information about creating the Master URL, Token, and Registry key, see Deploying External S-TAP from the Guardium UI.

When you are done, click Apply to save your changes or Create templates to generate yaml templates that you can use to manage External S-TAPs from Kubernetes.

When you select Create templates, Guardium generates two files, service.yaml and deployment.yaml. When you call these files from the Kubernetes command line, Kubernetes can manage persistent storage, load balancing, and other External S-TAP requirements.
Note: To use persistent storage with Kubernetes, make the following changes to Kubernetes and to the deployment.yaml file:
  1. In Kubernetes, create a persistent volume and a persistent volume claim. For PersistentVolumClaim, make sure that accessModes is set to ReadWriteMany to allow the volume to access all of the parallel containers in the deployment.
  2. In the deployment.yaml file, add the following information under spec:
    • containers includes volumeMounts and the following mountPath:
        containers:
            volumeMounts:
            - mountPath: "/persistent"
              name: mypd
    • volumes includes the name of the persistent volume and persistent volume claim. For example:
       volumes:
          - name: mypd
            persistentVolumeClaim:
              claimName: myclaim
  3. When you are done, apply the changes from kubectl:
    kubectl apply -f deployment.yaml
  4. Finally, make sure that persistent storage is deployed:
    kubectl get deployment

For more information, see the Kubernetes documentation.

The Deploy External S-TAP window displays the following tabs: