The following article describes what is needed to deploy the Cequence UAP Platform in a Kubernetes environment. Before this point, you must have followed the steps provided in the following articles. 

• Cequence UAP Prerequisites
• UAP 3rd Party Component Dependency

Step 1: Prepare your Cluster

Create a namespace for your platform deployment

You should have created this namespace in the Cequence UAP Prerequisites article. If you follow that article, you can skip this step. 

Create a namespace to deploy the Cequence Unified API Protection Platform

kubectl create namespace <platform-namespace>

Set the new namespace as the <platform-namespace>.  

kubectl config set-context --current --namespace=<platform-namespace>

Platform Secrets

If you are using the Cequence repositories, you Must have GitLab credentials with the proper authorization. You can use one of the following options.

kubectl create secret docker-registry regcred --docker-server=registry.gitlab.com --docker-username=<your-username> --docker-password=<your-password> -n <platform-namespace>

Or via docker file. You must already have your docker-config.json file for this to work.

kubectl create secret generic regcred --from-file=.dockerconfigjson=./docker-config.json --type=kubernetes.io/dockerconfigjson -n <platform-namespace>

If you do not have credentials, please contact your Cequence Account manager for further direction.  Otherwise, we will provide you with the images for your company repository.

Step 2: Install Cequence UAP 

Create a values file with the values file example below. Then, launch the chart in the namespace you just created by running the following helm command. Follow the Pre-Requisites document before installing the Cequence UAP Platform to ensure all dependencies are installed. 

helm upgrade --install  cequence-asp cequence/cequence-asp --version 6.7.1 --skip-crds --namespace <platform-namespace> --values yourvaluesfile.yaml

This values file is configured for Platform version 6.7.1 and has the following optional modules enabled: 

• API Testing 
• API Spartan Fraud Detection
• API Spartan Bot Protection
• API Sentinel Runtime Inventory

The installation can take time and show pod errors initially because certain pods need to launch successfully before pods that depend on them will succeed. Be Patient.

Step 3: DNS Access

You will now need to add DNS entries within your DNS server for all the ingress URLs created when you deploy the platform. We recommend creating CNAME entries for all ingress URLS and pointing the URL to the ingress load balancer listed in this command. You can also use K8s external DNS if you prefer. 

You can find this information by navigating to the Cequence namespace and running the following command.  "kubectl get ingress"

Helm Values file

A sample values file is attached to this article.