Deploy Snyk
You can scan Kubernetes workloads by deploying the snyk-monitor into your cluster. This is published as an official helm chart and we will be basing these steps on that deployment option. To learn more about Snyk's Kubernetes integration, visit our documentation pages. For convenience, we will cover the steps at a high level here.

Step 1

Create the namespace:
kubectl create namespace snyk-monitor

Step 2

Create the secret:
kubectl create secret generic snyk-monitor -n snyk-monitor --from-literal=dockercfg.json={} --from-literal=integrationId=abcd1234-abcd-1234-abcd-1234abcd1234
Locate your Integration ID from the Snyk Integrations page and copy it.

Step 3

Add the Helm repo:
helm repo add snyk-charts --force-update

Step 4

Replace "my-cluster" with the name of your cluster. Also note that we are passing a few settings for compatibility with GKE Autopilot.
Install the chart:
helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
--namespace snyk-monitor \
--set pvc.enabled=true \
--set pvc.create=true \
--set"snyk-monitor-pvc" \
--set clusterName="my-cluster" \
--set nodeAffinity.disableBetaArchNodeSelector=true \
--set requests.memory="512Mi" \
--set requests."ephemeral-storage"="50Gi" \
--set limits."ephemeral-storage"="50Gi"
Now, we wait for the app to be ready and can check the status by running the following command:
kubectl get pods -n snyk-monitor
Like the previous example, we want a ready status to be displayed.
Export as PDF
Copy link
Edit on GitHub