Wallarm

Wallarm Advaced Cloud-Native Web Applicaton Firewall

Wallarm

Wallarm is a DevOps-friendly Web Application Firewall (WAF) uniquely suited to protect your cloud applications and APIs. Wallarm installs natively in a Kubernetes environment.

Quick Start

Prerequisites

  1. Sign up for a Wallarm account.

  2. Add the Wallarm helm chart repository.

    helm repo add wallarm https://repo.wallarm.com/charts/stable
    helm repo update
    

Install the Wallarm Ingress Controller (nginx + Wallarm WAF)

  1. In the Wallarm cloud console create a new node of type cloud.

  2. Copy the nodes token, since you will need that in the next step.

  3. Install the ingress controller.

    helm install wallarm/wallarm-ingress -n ingress-controller --set controller.wallarm.token=<CLOUD NODE TOKEN> --set controller.wallarm.enabled=true
    

Wallarm can be configured through helm values; you can find the options here.

Create an Ingress Route

  1. Create an ingress rule that exposes the http-echo-service.

    cat <<EOF | kubectl apply -f -
    apiVersion: extensions/v1beta1
    kind: Ingress
    metadata:
      name: nginx-ingress
      annotations:
        kubernetes.io/ingress.class: nginx  
    spec:
      rules:
        - http:
            paths:
              - path: /
                backend:
                  serviceName: http-echo-service
                  servicePort: 80
    
    ---
    apiVersion: v1
    kind: Service
    metadata:
      name: http-echo-service
    spec:
      ports:
        - port: 80
          targetPort: 5678
          name: web
      selector:
        app: http-echo
    
    ---
    apiVersion: v1
    kind: Pod
    metadata:
      name: http-echo
      labels:
        app: http-echo
    spec:
      containers:
        - name: http-echo
          image: hashicorp/http-echo
          args: ['-text="hello world"']
          ports:
            - containerPort: 5678
              name: web
    EOF
    
  2. Enable traffic analysis for the ingress.

    kubectl annotate ingress nginx-ingress nginx.ingress.kubernetes.io/wallarm-mode=monitoring
    kubectl annotate ingress nginx-ingress nginx.ingress.kubernetes.io/wallarm-instance=1
    

Delete the Ingress Controller

Delete the ingress controller.

helm delete --purge ingress-controller

Documentation

Release Notes

Licensing

Maintenance and Support