Skip to main content

Illumio Core 23.2 Install, Configure, Upgrade

Deploy with Helm Chart

To deploy via Helm Chart:

  1. Install Helm. Refer to https://helm.sh/docs/ for a quick start guide and other relevant information.

    According to official Helm documentation, if your version of Helm is lower than 3.8.0, the following command must be executed in the installation environment:

    $ export HELM_EXPERIMENTAL_OCI=1

  2. Prepare an illumio-values.yaml file with the following mandatory parameters set with values that describe this deployment:

    pce_url: URL_PORT # PCE URL with port, e.g. mypce.example.com:8443
cluster_id: ILO_CLUSTER_UUID # Cluster ID from PCE, e.g. cc4997c1-40...
cluster_token: ILO_CLUSTER_TOKEN # Cluster Token from PCE, e.g. 1_170b...
cluster_code: ILO_CODE # Pairing Profile key from PCE, e.g. 1391c...
containerRuntime: containerd # Container runtime engine used in cluster, allowed values are [containerd, docker, crio, k3s_containerd]
containerManager: kubernetes # Container manager used in cluster, allowed values are[kubernetes, openshift]
networkType: flat # CNI type, allowed values are [overlay, flat]

    where URL_PORT, ILO_CLUSTER_UUID, ILO_CLUSTER_TOKEN, and ILO_CODE are placeholders for customer provided variables.

    Note

    To add support for flat network CNIs in addition to the default (where pods run on an overlay network), an optional networkType parameter is now available in the Helm Chart where you can specify flat or overlay type. The default value is overlay.

  3. Optionally map existing Kubernetes labels to desired Illumio labels by adding a Kubernetes Custom Resource Definition (CRD) Label Map to your illumio-values.yaml file. For details on using a label map, see the "Map Kubernetes Labels to Illumio Labels" topic.

  4. Install the Helm Chart:

    helm install illumio -f illumio-values.yaml oci://quay.io/illumio/illumio --version <ver#> --namespace illumio-system --create-namespace

    Important

    Be sure to explicitly specify the version to install with the --version <ver#> option (for example, --version 4.3.0), after confirming that the product version you want to install is supported with your PCE version. Verify which PCE versions support the Illumio Core for Kubernetes version you want to deploy at the Kubernetes Operator OS Support and Dependencies page on the Illumio Support Portal.

    If the illumio-system namespace already exists, omit the --create-namespace flag.

Refer to the README file included with the Helm Chart for important information, such as additional deployment parameters you can specify in the Helm Chart before installing it.

Note

Kubelink version labeling has changed. Prior to version 3.3.0, Kubelink used a 6-hexit suffix for its release version, like 3.2.1.445a83. In Kubelink 3.3.0 and later, the version suffix is now changed to a numeric build number, like 3.3.0-56.