Use the Kubernetes Plugin for Panorama to propagate labels
to Panorama device groups
Where Can I Use
This? | What Do I Need? |
|
- CN-Series 10.1.x or above Container Images
- Panorama running PAN-OS 10.1.x or above
version
|
Use the Kubernetes Plugin for Panorama to propagate labels to Panorama
device groups.
You can use the Kubernetes plugin to complete the integration of Panorama
and the Kubernetes API. The plugin learns new labels and propagates them to Panorama
device groups. These labels can include Kubernetes labels, services, namespaces, and
other metadata from which Dynamic Address Group match criteria can be defined.
If the cluster credential file size is greater than 32KB, you will
get an error message when importing the credentials file on the Panorama
Kubernetes plugin. The error message displays the size of the file as the
cause of the error.
If the cluster has many CA certificates in ca.crt
bundle, the Kubernetes plugin only requires the top CA certificate. You must
ensure to retain only the top CA certificate and remove all other CA
certificates and service.crt from the credential file. You
can then use this updated credential file.