Deploy Snyk Monitor
Please review the prerequisites section of product documentation page before proceeding.

Enable the integration

From the Snyk web console, navigate to Integrations. Search and select Kubernetes. Click Connect and copy the Integration ID to your clipboard. The Integration ID will be a UUID with a format similar to abcd1234-abcd-1234-abcd-1234abcd1234.

Install the Snyk controller

Helm chart

From the terminal, ensure that you have helm installed then, add the Snyk Charts repository to Helm with the following command:
1
helm repo add snyk-charts https://snyk.github.io/kubernetes-monitor/
Copied!
If successful, you will see output similar to the following:
1
"snyk-charts" has been added to your repositories
Copied!

Namespace

Once added, we will need to create a unique namespace for the Snyk controller. Run the following command:
1
kubectl create namespace snyk-monitor
Copied!
If successful, you will see output similar to the following:
1
namespace/snyk-monitor created
Copied!

Secret

The Snyk monitor runs by using your Snyk Integration ID, and using a dockercfg file. If you are not using any private registries, create a Kubernetes secret called snyk-monitor containing the Snyk Integration ID from the previous step and run the following command:
1
kubectl create secret generic snyk-monitor -n snyk-monitor \
2
--from-literal=dockercfg.json={} \
3
--from-literal=integrationId=$IntegrationId
Copied!
If successful, you will see output similar to the following:
1
secret/snyk-monitor created
Copied!

Deploy

Now, install the Snyk Helm chart to your AKS cluster:
1
helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
2
--namespace snyk-monitor \
3
--set clusterName="myK8sCluster"
Copied!
If successful, you will see output similar to the following:
1
Release "snyk-monitor" does not exist. Installing it now.
2
NAME: snyk-monitor
3
NAMESPACE: snyk-monitor
4
STATUS: deployed
5
REVISION: 1
6
TEST SUITE: None
Copied!

Test

We can also validate our pod is running with the following command:
1
kubectl get pods --namespace snyk-monitor
Copied!
You will want to see the STATUS display Running as in the following example output:
1
NAME READY STATUS RESTARTS AGE
2
snyk-monitor-544ff7ccd9-qkwj8 1/1 Running 0 4m47s
Copied!
Note that Snyk Monitor will require outbound internet access.

Import Projects

From the Kubernetes integration menu, select the Add your Kubernetes workloads to Snyk button.
Then select the desired workloads and click Add selected workloads.
Your project will be scanned and results available in the Projects menu.