search

Kong Plug In

hashtag
Prerequisites

  • An existing deployment of Kong for Linux.

hashtag
Installation

For deployment instructions follow steps in the Profile

hashtag
Step 1 - Enforce Policy if not done already.

hashtag
Step 2 - Run these commands from a Linux server shell:

  1. Install the dependencies

sudo apt-get update
sudo apt-get install -y libbrotli1 libbrotli-dev zlib1g-dev build-essential git curl ca-certificates

  1. Run the command to install the Lua Plug In

luarocks install --server=https://luarocks.org/manifests/cluadguard-waf cloudguard-waf-kong-plugin
export KONG_PLUGINS="bundled,cloudguard-waf-kong-plugin"
kong restart
curl -i -X POST http://localhost:8001/plugins --data "name=cloudguard-waf-kong-plugin"
circle-info

If kong restart fails with: undefined symbol: BrotliDecoderSetParameter

Ensure Brotli runtime libraries are installed and accessible:

sudo apt-get install -y libbrotli1
ldconfig -p | grep libbrotli

If the error persists, preload the detected Brotli libraries before restarting Kong.

export LD_PRELOAD="$(ldconfig -p | awk '/libbrotlidec.so.1/{print $4}')":"$(ldconfig -p | awk '/libbrotlicommon.so.1/{print $4}')"
kong restart

hashtag
3: Install the Agent

Run the following commands from the linux server shell, from the same location as previous step:

chmod +x nanoegg

./nanoegg --install --token <token>

circle-info

Make sure you obtain the <token> from the Enforcement Profile page, Authentication section. you will need it during agent deployment.

The installer creates an initial registration with the CloudGuard WAF cloud and downloads the latest version of the agent installation.

hashtag
Step 4: Verify installation

The agent will automatically install, connect and should display a successful connection message within the CloudGuard WAF web portal:

To check agent status after the installation from the Linux server shell, you can run:

cpnano -s

PreviousNGINXNextMonitor Events

Last updated

Was this helpful?