Configuring and deploying the Kubernetes Anjuna Webhook

In the previous section, you uploaded the Anjuna Nitro Kubernetes containers to AWS ECR. In this section, you will configure the Anjuna Webhook (which requires one of the containers that we just uploaded to ECR).

Run the following commands to configure and deploy the Anjuna Webhook:

$ ./anjuna-k8s.sh --deploy-webhook

This command creates the configuration (configmap/secrets) to deploy the Anjuna Webhook, and starts a Pod/service associated with the Anjuna Webhook. When this command completes, the Anjuna Webhook should be running as a Pod in your cluster, waiting for requests to create Pods that will run in a Nitro Enclave.

To confirm that the Anjuna Webhook is running, execute the following command:

$ kubectl get pods

The output will be similar to the following, depending on the number of nodes in the cluster. There will be one anjuna-nitro-device-manager-xxx Pod for each node in the cluster.

NAME                                READY   STATUS              RESTARTS   AGE
anjuna-nitro-device-manager-7wvkp   1/1     Running             0          2s
anjuna-nitro-device-manager-bq6fw   0/1     ContainerCreating   0          2s
anjuna-nitro-device-manager-kx5bv   0/1     ContainerCreating   0          2s
anjuna-nitro-webhook-app            1/1     Running             0          7s

Congratulations, the Anjuna Webhook is installed in your cluster, and it is ready to intercept Pod creation events and automatically create Nitro Enclaves.