The Data Theorem API Protect Gloo Edge agent can be deployed to one or several kubernetes clusters in order to monitor and collect data about incoming API requests. The data is then sent to Data Theorem’s platform for further analysis, in order to automatically discover APIs and detect attacks.
Deploying the agent requires a configured Gloo Edge installation and the zip archive you should receive during oboarding.
If you haven’t received the zip archive yet, please contact support@datatheorem.com.
These instructions will enable traffic mirroring for selected incoming requests; the request will be sent to Data Theorem’s traffic analyzer services.
unzip DataTheorem-APIProtect-GLOO.zip |
kubectl config current-context
Find existing upstream configurations
glooctl get upstream
Add mirroring to the chosen endpoint. This step must be repeated for each endpoint.
KUBE_UPSTREAM_NAMESPACE=default
KUBE_UPSTREAM_NAME=petstore
KUBE_UPSTREAM_PORT=8080
printf -v UPSTREAM_ID "%05d" $(helm -n datatheorem list --filter 'gloo-vtap-endpoint' | wc -l)
helm install "gloo-vtap-endpoint-${UPSTREAM_ID}" \
./gloo_vtap_endpoint \\
--create-namespace \\
--namespace datatheorem \\
--set kubeUpstreamNamespace=${KUBE_UPSTREAM_NAMESPACE} \\
--set kubeUpstreamName=${KUBE_UPSTREAM_NAME} \\
--set kubeUpstreamPort=${KUBE_UPSTREAM_PORT} |
It should look something like this
helm list -n datatheorem NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION gloo-vtap-endpoint-00001 datatheorem 1 2023-06-20 11:56:08.223009524 +0100 CET deployed apiprotect_gloo_vtap-1.0.0 1.0.5 |
Test the deployment
helm test -n datatheorem gloo-vtap-endpoint-00001 |
Finished.