Addon: KubeArmor

kjackal · July 21, 2023, 7:40am

Compatibility:
Source: See KubeArmor website for details.

KubeArmor is a cloud-native runtime security enforcement system that restricts the behavior (such as process execution, file access, and networking operations) of pods, containers, and nodes at the system level. It makes use of eBPF and Linux security modules (LSMs) such as AppArmor, SELinux, or BPF-LSM to enforce the user-specified policies. KubeArmor generates rich alerts/telemetry events with container/pod/namespace identities for ease of use.

Usage

To enable the addon:

microk8s enable kubearmor

Afterwards the KubeArmor CLI is available under MicroK8s:

microk8s karmor

The addon can be disabled at any time with:

microk8s disable kubearmor

Links

To learn more about KubeArmor visit:

the KubeArmor official website

Topic		Replies	Views
Addon: Trivy microk8s docs	0	2561	April 11, 2023
Add on: Portainer microk8s docs	17	9973	February 4, 2024
Observability add-on won't run, does it actually work? microk8s	0	1000	May 1, 2023
CIS hardening and assesment microk8s docs	0	3802	June 12, 2023
Securing Static Pod Manifest (For edge devices w/o a control plane) General Discussions security	1	881	December 24, 2020

Addon: KubeArmor

Usage

Links

Related Topics