# Kubernetes (AWS, Azure, GCP and on-prem)

{% columns %}
{% column %}
Deploy Alma’s **eBPF sensor** on Kubernetes to collect runtime telemetry.

You get visibility into common protocols out of the box:

* HTTP
* PostgreSQL
* Redis
* Kafka
* and more

All traffic from your cluster to the Alma platform is **TLS encrypted**.

Alma does **not** persist sensitive data.
{% endcolumn %}

{% column %}
![Alma eBPF on Kubernetes overview](/files/5Eg1Zi87sbUFQ7JOSF2T)
{% endcolumn %}
{% endcolumns %}

### Requirements

* Any live environment with traffic.
* Sensor resources (per node): **up to 0.6 GB RAM + 0.6 CPU**.
* Kubernetes control plane resources (total): **10 GB RAM + 10 CPUs**.

### Prerequisites

* Kubernetes **v1.21+**.
* Works with **EKS (AWS)**, **AKS (Azure)**, **GKE (GCP)**, and **on-prem OpenShift** (plus VMware and more).
* Outbound connectivity from the cluster to the Alma endpoint on **port 4317**.
* Helm installed (Helm 3 recommended).

{% hint style="info" %}
Port **4317** is commonly used for OTLP/gRPC. Confirm it’s allowed in your egress rules.
{% endhint %}

### How it works

The eBPF sensor runs on your Kubernetes nodes and sends telemetry to the Alma platform.

<figure><img src="/files/P0PKOmNkdGGA8FFpUS9A" alt=""><figcaption></figcaption></figure>

### Install with Helm

The eBPF sensor is provided as a Helm chart.

{% stepper %}
{% step %}

### Install the chart

Run:

```bash
helm install alma-ebpf alma-helm/ --namespace pl --create-namespace
```

{% hint style="warning" %}
The example uses namespace `pl`. Use your internal standard if needed.
{% endhint %}
{% endstep %}
{% endstepper %}

### Validate the deployment

1. Confirm the namespace exists: `kubectl get ns pl`.
2. Confirm workloads are running: `kubectl get pods -n pl`.
3. Confirm the cluster can reach the Alma endpoint on port `4317`.

If pods aren’t ready, start by checking: `kubectl describe pod -n pl <pod>`.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.alma-security.com/integrations/kubernetes-aws-azure-gcp-and-on-prem.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.