Getting started

Installing Edera Protect

Caveats During Install

These need to be considered when installing Edera Protect

AWS VPC CNI is currently unsupported on Amazon Linux 2023 as it causes undefined behavior. You need to install a different CNI on EKS on Amazon Linux 2023.

AMI Install (AWS)

Create a new nodegroup for your cluster running the Edera Protect AMI. Attach the nodes in the nodegroup to the cluster and apply the edera runtime class

apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: edera
handler: edera

Manually Installing on Nodes

First we need a service account key to pull the installer image. Drop the key into a tmp file

vi /tmp/protect.json

Use the key to log into the registry, then clean up the key

nerdctl login us-central1-docker.pkg.dev -u _json_key --password-stdin </tmp/protect.json
rm /tmp/protect.json -f

Find the version/commit you’d like to install, two options include:

Via RELEASE.md
Via crane:

crane ls us-central1-docker.pkg.dev/edera-protect/staging/protect-installer
crane digest us-central1-docker.pkg.dev/edera-protect/staging/protect-installer:latest

From here run the installer at the version/commit you’d like to install.

TAG=<see RELEASE.md for your desired tag>
DIGEST=<digest associated with your tag>
nerdctl run \
  --privileged \
  --env 'TARGET_DIR=/host' \
  --volume '/:/host' \
  --volume '/root/.docker/config.json:/root/.docker/config.json' \
  --pid host \
  us-central1-docker.pkg.dev/edera-protect/staging/protect-installer:${TAG}@${DIGEST}

Apply the edera runtime class

apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: edera
handler: edera

Technical guide Get support

Last updated on 2025-02-04