Container Security – How to Quickly Install NeuVector 5 on OpenShift 4
NeuVector is a container security platform that provides comprehensive security for containerized applications allowing you to not only prevent attacks but also to actively protect your applications from unknown vulnerabilities by implementing behavioral-based Zero-Trust security policies.
In this blog post, we will walk through the steps of installing NeuVector on OpenShift 4 using the NeuVector Operator.
Step 1: Create a Namespace
- The first step is to create a namespace for NeuVector, which we are going to call “neuvector.” You can do this by running the following command:
oc new-project neuvector
Step 2: Install the NeuVector Operator
Next, we need to install the NeuVector-certified Operator from the OperatorHub. To do this, follow these steps:
- From the OpenShift Console, navigate to the OperatorHub
- Search for “neuvector” in the search bar
- Select the NeuVector Certified Operator, and a page will appear on the right; in there, click “Install”.
Please note the Community Operator can be used as well, regarding the Marketplace Operator, it is no longer maintained
- We only need to select “A specific namespace on the cluster” for it to be installed in the just created “neuvector” namespace and begin the installation.
- Click Install to start the installation process; this may take a few minutes.
Step 3: Create a NeuVector Instance
Once the NeuVector Operator is installed, we can create a new instance of NeuVector. Follow these steps:
- On the “Installed Operators” page
- Click on the “NeuVector Operator” to open the details page
- Click “Create Instance.”
- The default values should work fine for a dev/test environment but feel free to review the YAML if you wish to change any.
- Click “Create” to start the installation process
- Wait for the Installation to Complete
The installation process for NeuVector should not take as long as the operator. Wait for all the resources to be in status “Created” or “Running” before moving on to the next step.
Step 4: Access the Web UI
Now NeuVector is up and running, to access the NeuVector Web UI, follow these steps:
- From the OpenShift Console, navigate to “Networking” and then “Routes”
- If you are on the “neuvector” project, you will find a link in the location column; click on it.
- The NeuVector Login will appear, and you will use your existing Openshift admin credentials and agree to the End User License Agreement; this step is only required the first time we access NeuVector.
Step 5: Start Protecting Your Applications!
Congratulations! You have successfully installed NeuVector on OpenShift. You can now start protecting your containerized applications.
If you’re short on time, you can watch this 1-minute video with the steps described in this blog post:
If you want to automate the installation, you can find here a template YAML file you can use in your pipeline, to install it you may run the following command as clusteradmin.
oc apply -f https://raw.github.com/rmahique/TMM/main/neuvector/install_nv_on_ocp.yml
In this blog post, we have walked through the steps of installing NeuVector 5.1.1 on OpenShift 4.12.15 using the NeuVector Operator 1.3.8.
With NeuVector, you can protect your containerized applications from known and unknown threats by securing the software supply chain and implementing behavioral-based Zero-Trust security policies.
If you want to learn more about NeuVector and Zero-Trust, please feel free to download our free Zero Trust Container Security for Dummies ebook, join one of the NeuVector Rodeos or request a demo of NeuVector.
For more information about our products and services, please don’t hesitate to contact us.