This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JaydenAung
Employee Alumnus
Employee Alumnus
‎2021-03-21 11:32 PM

How to Automate Onboarding an Openshift cluster to Check Point CloudGuard Native

 

(I'll be only maintaining this Original GitHub repo: https://github.com/jaydenaung/cloudguard-onboard-openshift)

This tutorial is details how to onboard Openshift cluster to CloudGuard native using automation scripts.

(Manual onboarding guide is here. The original repo is forked from Dean Houari's Repo.

Prerequisites

Run the following command:

git clone https://github.com/jaydenaung/cloudguard-onboard-openshift

Using automation scripts to automate the onboarding process

Bash Shell

  1. Make sure that uid1000.json and cp-cloudguard-openshift.yaml are in the same directory as onboard-1.sh.
  2. Edit variables and run onboard-1.sh to onboard the cluster.
    ./onboard-1.sh

Alternatively, you can follow the instructions below and execute command lines manually.

Python Script (Work in Progress))

You can use the python script onboard_oc_1.py to onboard or remove an OpenShift cluster to and from CloudGuard.

# Install requirements
pip3 install -r requirements.txt
# Execute script
python3 onboard_oc_1.py onboard

For cluster onboarding you will need to provide:

  1. Your Cluster Name (e.g. my_cluster)
  2. Namespace (e.g. checkpoint)
  3. CloudGuard API Key (you can export environment variable CHKP_CLOUDGUARD_ID and script will detect it)
  4. CloudGUard API Secret (you can export environment variable CHKP_CLOUDGUARD_SECRET and script will detect it)

For cluster removal you will need to provide:

  1. The path to the yaml file that was generated during onboarding. The script will try to find a yaml file in the current directory.
  2. CloudGuard API Key (Alternatively, can export environment variable CHKP_CLOUDGUARD_ID and the script will detect it)
  3. CloudGUard API Secret (you can also export environment. variable CHKP_CLOUDGUARD_SECRET and the script will detect it.)

Verififcation

Log onto CloudGuard native and wait for the initial sync process to be completed.

1 Reply
This widget could not be displayed.
Upcoming Events

    Sort by:
    In-Person

    Tue 20 May 2025 @ 11:30 AM (PDT)

    Las Vegas: Check Point Hybrid Mesh
    In-Person

    Wed 21 May 2025 @ 11:30 AM (MST)

    Tempe, AZ: Check Point Hybrid Mesh
    In-Person

    Tue 03 Jun 2025 @ 09:00 AM (CEST)

    CheckMates LIve France - Workshop Check Point Quantum
    In-Person

    Tue 03 Jun 2025 @ 06:00 PM (EDT)

    Montreal: CPX Recap
    In-Person

    Tue 10 Jun 2025 @ 06:00 PM (EDT)

    Quebec City: CPX Recap
    CheckMates Events