1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-24 07:28:06 +00:00
kube-bench/docs/installation.md
Yoav Rotem 0d1bd2bbd9
mkdocs support and update docs (#884)
* Delete README.md

* Edit readme and separate into different files

* Update README.md

* Update Running.md

* Update CONTRIBUTING.md

* Create Contributing.md

* Add files via upload

* Update Index.md

* Rename Flags and Commands.md to Flags_and_commands.md

* Rename Index.md to index.md

* Create mkdocs.yml

* Delete images directory

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Update README.md

* Create mkdocs-dev.yaml

* Create mkdocs-latest.yaml

* Update mkdocs.yml

* Update mkdocs.yml

* Update mkdocs.yml

Add yamllint ---

* Make it yamllint comply

* Make Yamllint comply

* Make Yamllint comply

* Change description

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Fix syntax

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Update docs/Architecture.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Update docs/Architecture.md

Co-authored-by: Itay Shakury <itay@itaysk.com>

* Update example for test files

* Update contributing

* Delete Contributing.md

* Update Flags_and_commands.md

* Change syntax and add source

* Update Platforms.md

* lower case file names

* lower case file names

* Lower case file names

* Lower case file names

* Lower case file names

* Lower case file names

* Add note about inspect master in some platforms

* Add quick start

* Lower case files names

* Lower case files names

* Fixing typo

* Remove section about old ocp

* Fix typos

Co-authored-by: Itay Shakury <itay@itaysk.com>
2021-06-09 11:17:16 +03:00

3.2 KiB
Raw Blame History

Installation

You can choose to

Download and Install binaries

It is possible to manually install and run kube-bench release binaries. In order to do that, you must have access to your Kubernetes cluster nodes. Note that if you're using one of the managed Kubernetes services (e.g. EKS, AKS, GKE, ACK, OCP), you will not have access to the master nodes of your cluster and you cant perform any tests on the master nodes.

First, log into one of the nodes using SSH.

Install kube-bench binary for your platform using the commands below. Note that there may be newer releases available. See releases page.

Ubuntu/Debian:

curl -L https://github.com/aquasecurity/kube-bench/releases/download/v0.6.2/kube-bench_0.6.2_linux_amd64.deb -o kube-bench_0.6.2_linux_amd64.deb

sudo apt install ./kube-bench_0.6.2_linux_amd64.deb -f

RHEL:

curl -L https://github.com/aquasecurity/kube-bench/releases/download/v0.6.2/kube-bench_0.6.2_linux_amd64.rpm -o kube-bench_0.6.2_linux_amd64.rpm

sudo yum install kube-bench_0.6.2_linux_amd64.rpm -y

Alternatively, you can manually download and extract the kube-bench binary:

curl -L https://github.com/aquasecurity/kube-bench/releases/download/v0.6.2/kube-bench_0.6.2_linux_amd64.tar.gz -o kube-bench_0.6.2_linux_amd64.tar.gz

tar -xvf kube-bench_0.6.2_linux_amd64.tar.gz

You can then run kube-bench directly:

kube-bench

If you manually downloaded the kube-bench binary (using curl command above), you have to specify the location of configuration directory and file. For example:

./kube-bench --config-dir `pwd`/cfg --config `pwd`/cfg/config.yaml 

See previous section on Running kube-bench for further details on using the kube-bench binary.

Installing from sources

If Go is installed on the target machines, you can simply clone this repository and run as follows (assuming your GOPATH is set):

go get github.com/aquasecurity/kube-bench
cd $GOPATH/src/github.com/aquasecurity/kube-bench
go build -o kube-bench .

# See all supported options
./kube-bench --help

# Run all checks
./kube-bench

Installing from a container

This command copies the kube-bench binary and configuration files to your host from the Docker container: binaries compiled for linux-x86-64 only (so they won't run on macOS or Windows)

docker run --rm -v `pwd`:/host aquasec/kube-bench:latest install

You can then run ./kube-bench.