📄️ Linux Agent Installation Prerequisites
Complete the following steps before you install the agent.
📄️ Create Agent Access Tokens and Download Linux Agent Installers
You create agent access tokens and download the agent installers from the Lacework Console.
📄️ Install GPG and RSA keys
Lacework uses a combination of GPG and RSA keys to sign installation materials.
📄️ Use the Lacework Installation Script [install.sh]
[START]:#
📄️ Install with Chef
[START]:#
📄️ Install from Agent Multiple Version Repositories
Overview
📄️ Install using a .deb or .rpm Package
For single host installations, you can install the Lacework agent using a .deb or .rpm package.
📄️ Install with Ansible
Because Ansible is a flexible and extensible automation tool, you can use multiple strategies to install the Lacework agents. Use the following skeleton Debian and RPM playbooks as building blocks to create more advanced, environment-specific playbooks.
📄️ Install with Ansible to Dockerized Host
Follow these steps to deploy the Lacework agent as a container to a Dockerized host using an Ansible playbook.
📄️ Install on a Dockerized Host
When using Docker, you can install the Lacework agent in a privileged container to provide security for all containers provisioned on the host. For the agent to work with Docker containers, Linux host machines must use systemd. You can pull the agent container from DockerHub or you can build and install your own container using a customizable Lacework Dockerfile.
📄️ Install Using Docker Compose
You can deploy the Lacework agent using a container orchestrator such as Docker Compose.
📄️ Deploy Linux Agent on Kubernetes
You can use the following methods to deploy the Lacework Linux agent on Kubernetes:
📄️ Set up gVisor on a Kubernetes Cluster
gVisor is an application kernel written in Go that implements a substantial portion of the Linux system call interface. It provides an additional layer of isolation between running applications and the host operating system.
📄️ AWS ECS Fargate
Overview
📄️ Install with AWS Elastic Beanstalk
AWS Elastic Beanstalk allows users to easily deploy and scale their web applications. It supports multiple programming languages such as Python, Java, Node.js, and Go, and runs applications natively on an EC2 instance or as Docker containers.
📄️ AWS ECS with Lacework Agent as a Daemon Service (EC2 Launch Type)
Overview
📄️ AWS EKS Fargate
Overview
📄️ Install on Alpine Linux
This topic describes functionality that is currently in beta.
📄️ Install on CoreOS
CoreOS does not have a package manager. Hence, you can install the Lacework agent using the installation script or by manually installing a Docker image.
📄️ Use Packer to Create a Machine Image with an Installed Agent
You can use HashiCorp Packer to create a machine image with the Lacework agent pre-installed and configured. To learn more about HashiCorp Packer, see the Packer documentation.
📄️ Install Agent with the Lacework CLI
To analyze application, host, and user behavior, Lacework uses a lightweight agent that securely forwards collected metadata to the Lacework platform for analysis. The agent requires minimal system resources and runs on most Linux distributions.
📄️ Install Agent on AWS EC2 Instances Using Terraform and AWS Systems Manager
This article covers using Terraform to configure AWS Systems Manager to deploy the Lacework Agent to supported EC2 instances.
📄️ Install on a GCE Host
You can install the Lacework agent on a Google Compute Engine (GCE) host instance to monitor workloads. The workload portion provides process-aware threat and intrusion detection for your GCE environment and notifies you of any events through your chosen method.
📄️ Uninstall the Linux Agent
Uninstall the Linux Agent from a Host Machine