Updated on

Get hands-on with VMwares solution to securing Kubernetes clusters with CBC Container Security. Upon login you will have access to create a Tanzu Kubernetes Cluster with instructions on how to secure it with CBC Container Security.

Throughout this walkthrough you will be exposed to VMwares solution to securing Kubernetes clusters with CBC Container Security. Upon login, instructions provided will detail how to deploy and secure a new cluster with vSphere with Tanzu and CBC Container Security.

1. What is CBC Container Security?

CBC Container Security helps organizations reduce risk, obtain  compliance and achieve simple, secure cloud-native Kubernetes  environments at scale. With a simple, no-friction deployment process,  this solution provides the visibility and control that Development and  Security teams need to secure Kubernetes clusters and the applications  deployed on them. Harness the power of Carbon Black Cloud Container for  your build and deploy pipelines, with instant visibility into all your  Kubernetes workloads, and the ability to enforce compliance, security,  and governance from a single dashboard.

2. What is vSphere with Tanzu?

You can use vSphere with Tanzu to transform vSphere to a platform for  running native Kubernetes workloads. When enabled on a vSphere cluster,  vSphere with Tanzu integrates Kubernetes clusters with vSphere storage,  networking, and compute resources via standard Kubernetes mechanisms.  This allows developers to deploy Kubernetes workloads with no knowledge  of the underlying infrastructure while IT continues to provide trusted  services from vSphere. Additionally, Kubernetes workloads can be run  directly on the ESXi hosts to ensure maximum performance and meet  security requirements.

3. What is Tanzu Mission Control (TMC)?

VMware Tanzu Mission Control  is a centralized management platform for consistently operating and  securing your Kubernetes infrastructure and modern applications across  multiple teams and clouds. 

Available through VMware Cloud services, Tanzu Mission Control  provides operators with a single control point to give developers the  independence they need to drive business forward, while ensuring  consistent management and operations across environments for increased  security and governance.

4. Pre-requisites

When using the walkthrough, please do NOT create more than 1 Tanzu Kubernetes Cluster.

Also, we encourage everyone to use the My Documents  folder located on the VMware Tanzu Horizon Desktop to store yaml files  and container images. This folder is persistent which means that users  can retrieve their stored application data across multiple sessions.

5. Accessing CBC Container Security Demo

Your environment is currently being setup, watch the video to take a  tour of the Carbon Black Container Security experience. Once the login button is  highlighted in blue, click GO! to start the experience.

As part of this experience, we will provision your TMC and TestDrive accounts that are valid for 48 hours in a single session. Once the time expires, you can re-enable access by following the same method.

6. Login to Workspace ONE Access

Use the Testdrive Credentials provided in the Login Credentials menu on the top right corner to sign-in to VMware Horizon.

  1. Click the copy icon next to the username to copy
  2. Paste it on the Horizon username field by clicking on it, followed by pressing CTRL+v (Windows) or Command (⌘) + v (macOS) on your keyboard
  3. Next, click the copy icon next to the password to copy
  4. Paste it on the Horizon password field by clicking on it, followed by pressing CTRL+v (Windows) or Command (⌘) + v (macOS) on your keyboard
  5. Click Login to access

Other pasting options:

  • Windows: use right-click on your mouse/ trackpad and select Paste
  • macOS: press and hold the control key while you click the Horizon username/password field and select Paste

7. Launch CBC Container Security Desktop

Once logged in, search for 'CBC Container Security' on the Apps Tab and click on  the Horizon  Desktop to launch it on your Browser.

At this point you can begin the walkthrough steps listed next.