Crowdsec helm chart is an open-source, lightweight agent to detect and respond to bad behaviours. ## Get Repo Info helm repo add crowdsec https://crowdsecurity.github.io/helm-charts helm repo update
## Installing the Chart Before installing the chart, you need to understand some concepts of Crowdsec. So you can configure well the chart and being able to parse logs and detect attacks inside your Kubernetes cluster. Here is a blog post about crowdsec in kubernetes. # Create namespace for crowdsec kubectl create ns crowdsec # Install helm chart with proper values.yaml config helm install crowdsec crowdsec/crowdsec -f crowdsec-values.yaml -n crowdsec
## Uninstalling the Chart helm delete crowdsec -n crowdsec
## Setup for High Availability Below a basic configuration for High availability # your-values.yaml # Configure external DB (https://docs.crowdsec.net/docs/configuration/crowdsec_configuration/#configuration-example) config: config.yaml.local: | db_config: type: postgresql user: crowdsec password: ${DB_PASSWORD} db_name: crowdsec host: 192.168.0.2 port: 5432 sslmode: require lapi: # 2 or more replicas for HA replicas: 2 # You can specify your own CS_LAPI_SECRET, or let the chart generate one. Length must be >= 64 secrets: csLapiSecret: <anyRandomSecret> # Specify your external DB password here extraSecrets: dbPassword: <externalDbPassword> persistentVolume: # When replicas for LAPI is greater than 1, two options, persistent volumes must be disabled, or in ReadWriteMany mode config: enabled: false # data volume is not required, since SQLite isn't used data: enabled: false # DB Password passed through environment variable env: - name: DB_PASSWORD valueFrom: secretKeyRef: name: crowdsec-lapi-secrets key: dbPassword