Skip to main content

Set up Agent Operator with Helm charts

Helm is a package manager for Kubernetes that helps manage Kubernetes applications. Helm uses charts to configure, install, and upgrade Kubernetes Operators. This is the recommended method of installation.

Before you begin

Make sure you have everything you need before you start:

Steps

  1. Run these Helm commands:

    helm repo add contrast https://contrastsecurity.dev/helm-charts
    helm repo update contrast
    helm show values contrast/contrast-agent-operator > contrast-agent-operator.yaml
  2. Add agent keys to the clusterDefaults section of the YAML file. You will also need to set the enabled: property to true.

    clusterDefaults:
      enabled: true
      url: YOUR_CONTRAST_URL
      apiKeyValue: YOUR_API_KEY
      serviceKeyValue: YOUR_AGENT_SERVICE_KEY
      userNameValue: YOUR_AGENT_USERNAME
      yaml: |-
        enable: true
  3. Run this Helm command:

    helm upgrade --install -f contrast-agent-operator.yaml contrast-agent-operator contrast/contrast-agent-operator

    The Helm notes include details on the labels to apply to your workloads, as shown in this example:

    Release "contrast-agent-operator" has been upgraded. Happy Helming!
    NAME: contrast-agent-operator
    LAST DEPLOYED: Tue Jul  2 12:04:40 2024
    NAMESPACE: default
    STATUS: deployed
    REVISION: 4
    TEST SUITE: None
    NOTES:
    contrast-agent-operator version 1.4.0 deployed!
    ✅ 6 injectors have been deployed to namespace: default
      To use with your workloads:
    
      contrast-java-injector (java):
        ⎈ kubectl label deployment/<your_deployment_name> contrast-agent=java
    
      contrast-dotnet-core-injector (dotnet-core):
        ⎈ kubectl label deployment/<your_deployment_name> contrast-agent=dotnet-core
    
      contrast-nodejs-injector (nodejs):
        ⎈ kubectl label deployment/<your_deployment_name> contrast-agent=nodejs
    
      contrast-nodejs-esm-injector (nodejs-esm):
        ⎈ kubectl label deployment/<your_deployment_name> contrast-agent=nodejs-esm
    
      contrast-php-injector (php):
        ⎈ kubectl label deployment/<your_deployment_name> contrast-agent=php
    
      contrast-python-injector (python):
        ⎈ kubectl label deployment/<your_deployment_name> contrast-agent=python
    
    
    ✅ Cluster agent defaults deployed
    
    👀 To watch the operator logs:
        ⎈ kubectl logs -f -l app.kubernetes.io/part-of=contrast-agent-operator --namespace contrast-agent-operator
    
    📄 More documentation: https://docs.contrastsecurity.com/en/agent-operator.html
    
    🙋 Get support: https://support.contrastsecurity.com / support@contrastsecurity.com
  4. Label your deployments by using the values from the table.

    Tip

    Run the kubectl get deployments command to also find the deployment names.

    Example commands for labeling a deployment:

    Run:

    kubectl get deployments

    Get an output (for example):

    NAME                READY   UP-TO-DATE   AVAILABLE   AGE
    app1-deployment     0/3     0            0           1s

    Then run the following command:

    kubectl label deployment app1-deployment contrast-agent=java