VMware Tanzu installation
Last updated 2024-02-20
IMPORTANT
This guide only applies to Next-Gen WAF customers with access to the Next-Gen WAF control panel. If you have access to the Next-Gen WAF product in the Fastly control panel, you can only deploy the Next-Gen WAF with the Edge WAF deployment method.
You can deploy the Next-Gen WAF product within your VMware Tanzu Application Service by installing the Signal Sciences Service Broker service tile and then enabling the Next-Gen WAF agent.
NOTE
Fastly services interoperate with non-Fastly services only when you configure them that way. We do not provide direct support for non-Fastly services. Software or services that enable integration with non-Fastly services (such as plug-ins, extensions, and add-ons) are available under their own terms. Read Fastly's Terms of Service for more information.
Prerequisites
Prior to installing the Signal Sciences Service Broker for VMware Tanzu, you must:
- Have a VMware Tanzu license and the following products installed:

| Product | Supported versions |
| --- | --- |
| VMware Tanzu Application Service for VMs | 2.3.3 and above |
| VMware Tanzu Operations Manager | 2.3.0 and above |
| Stemcells (Windows) | 2019.x |
| Pivotal Stemcells (Ubuntu Xenial) | 621.x |
| Stemcells (Ubuntu Jammy) | 1.44.x |

- Copy the agent keys for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.
Installing the Signal Sciences Service Broker
To install and configure the Signal Sciences Service Broker for VMware Tanzu, complete the following steps:
- Download the product file from Pivotal Network.
- In Tanzu Operations Manager, install and configure the Signal Sciences Service Broker tile. Be sure to set the `sigsci_buildpack_decorator` Buildpack Order to zero. This setting is located in the Buildpack Settings tab.
Enabling the Next-Gen WAF agent
After installing the Signal Sciences Service Broker tile, embed the Next-Gen WAF agent in your app code and bind the service to your Tanzu app via the Cloud Foundry Command Line Interface (cf CLI):

- Run the `cf set-env` command in the cf CLI to set the `SIGSCI_ACCESSKEYID` environment variable:

  ```
  cf set-env tanzu-app-name "SIGSCI_ACCESSKEYID" "environment-variable-value"
  ```

  Be sure to replace `tanzu-app-name` with the name of your Tanzu app and `environment-variable-value` with your site's (also known as workspace's) Agent Access Key (`accesskeyid`).

- Run the `cf set-env` command again to set the `SIGSCI_SECRETACCESSKEY` environment variable, being sure to update `tanzu-app-name` and to replace `environment-variable-value` with your site's (workspace's) Agent Secret Key (`secret-access-key`):

  ```
  cf set-env tanzu-app-name "SIGSCI_SECRETACCESSKEY" "environment-variable-value"
  ```

- (Optional) Run the `cf set-env` command again to set additional environment variables, being sure to replace `tanzu-app-name`, `environment-variable-name`, and `environment-variable-value` with the appropriate information:

  ```
  cf set-env tanzu-app-name "environment-variable-name" "environment-variable-value"
  ```

  The environment variables that you can configure are as follows:

  - `SIGSCI_SERVER_HOSTNAME`: the hostname for each agent. This is what gets displayed in the Signal Sciences web interface. The hostname must be a unique name per instance.
  - `SIGSCI_AGENT_VERSION`: the version of the Next-Gen WAF agent. By default, the latest version of the Next-Gen WAF agent is installed. To specify a specific version, set the variable to the desired version number.
  - `SIGSCI_REQUIRED`: whether or not the app will start when the Next-Gen WAF agent fails to start. By default, the app can start when the Next-Gen WAF agent fails to start (e.g. invalid agent keys). To ensure your app doesn't start without the agent, set the variable to `true`.

- Ensure your app process obtains its listening port from the `$PORT` environment variable.

- Run the following command in the cf CLI to push the Signal Sciences buildpack and the final buildpack:

  ```
  cf push tanzu-app-name -b sigsci_cloudfoundry_buildpack -b final_buildpack
  ```

  Be sure to replace `tanzu-app-name` with the name of your app and `final_buildpack` with the name of your final buildpack.

  IMPORTANT
  In the command, the Signal Sciences buildpack must come before the final buildpack.
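The following pre-push check is an added example, not part of the original guide or of Fastly's tooling. It verifies the settings from the steps above before `cf push` is run: both agent keys are set, `SIGSCI_REQUIRED` is `true` so the app cannot start unprotected, and the Signal Sciences buildpack precedes the final buildpack. The function names and the KEY=VALUE input file are assumptions of this example, and treating `SIGSCI_REQUIRED=true` as mandatory is a policy choice made here.

```shell
#!/bin/sh
# Added example: pre-push checks for the settings this page describes.
# Assumption: the app's intended variables are in a file of KEY=VALUE lines.

# env_value FILE KEY: print KEY's value (last assignment wins, empty if absent).
env_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# check_env FILE: both agent keys must be non-empty and SIGSCI_REQUIRED must be
# "true", so the app refuses to start when the agent cannot start.
check_env() {
    rc=0
    for key in SIGSCI_ACCESSKEYID SIGSCI_SECRETACCESSKEY; do
        if [ -z "$(env_value "$1" "$key")" ]; then
            echo "missing $key" >&2
            rc=1
        fi
    done
    if [ "$(env_value "$1" SIGSCI_REQUIRED)" != "true" ]; then
        echo "SIGSCI_REQUIRED is not true: app may start without the agent" >&2
        rc=1
    fi
    return "$rc"
}

# check_buildpack_order BUILDPACK...: the Signal Sciences buildpack must be
# listed and must not be last, i.e. it comes before the final buildpack.
check_buildpack_order() {
    pos=0
    sigsci_pos=0
    for bp in "$@"; do
        pos=$((pos + 1))
        if [ "$bp" = "sigsci_cloudfoundry_buildpack" ]; then
            sigsci_pos=$pos
        fi
    done
    [ "$sigsci_pos" -ge 1 ] && [ "$sigsci_pos" -lt "$#" ]
}

# Constructed sample values, not real keys.
sample=$(mktemp)
printf '%s\n' 'SIGSCI_ACCESSKEYID=example-access-key-id' \
    'SIGSCI_SECRETACCESSKEY=example-secret-key' 'SIGSCI_REQUIRED=true' > "$sample"
if check_env "$sample" &&
    check_buildpack_order sigsci_cloudfoundry_buildpack final_buildpack; then
    echo "ok to run: cf push tanzu-app-name -b sigsci_cloudfoundry_buildpack -b final_buildpack"
fi
rm -f "$sample"
```

Pass `check_buildpack_order` the same buildpack names, in the same order, that you give to the `-b` flags of `cf push`.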