Configure the Kubernetes integration

Enable the integration

From the Snyk web console, navigate to Integrations. Search and select Kubernetes. Click Connect and copy the Integration ID to your clipboard. The Integration ID will be a UUID with a format similar to abcd1234-abcd-1234-abcd-1234abcd1234.
Let's create an environment variable for our Integration ID:
1
IntegrationId=<value>
Copied!

Install the Snyk controller

Helm chart

From the terminal, ensure that you have helm installed by running the following command:
1
brew update && brew install helm
Copied!
Then, add the Snyk Charts repository to Helm with the following command:
1
helm repo add snyk-charts https://snyk.github.io/kubernetes-monitor/
Copied!
If successful, you will see output similar to the following:
1
"snyk-charts" has been added to your repositories
Copied!

Namespace

Once added, we will need to create a unique namespace for the Snyk controller. Run the following command:
1
kubectl create namespace snyk-monitor
Copied!
If successful, you will see output similar to the following:
1
namespace/snyk-monitor created
Copied!

Secret

The Snyk monitor runs by using your Snyk Integration ID, and using a dockercfg file. If you are not using any private registries, create a Kubernetes secret called snyk-monitor containing the Snyk Integration ID from the previous step and run the following command:
1
kubectl create secret generic snyk-monitor -n snyk-monitor \
2
--from-literal=dockercfg.json={} \
3
--from-literal=integrationId=$IntegrationId
Copied!
If successful, you will see output similar to the following:
1
secret/snyk-monitor created
Copied!

Deploy

Now, install the Snyk Helm chart to your AKS cluster:
1
helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
2
--namespace snyk-monitor \
3
--set clusterName="mySnykAKSCluster"
Copied!
If successful, you will see output similar to the following:
1
Release "snyk-monitor" does not exist. Installing it now.
2
NAME: snyk-monitor
3
LAST DEPLOYED: Tue Apr 28 16:34:04 2020
4
NAMESPACE: snyk-monitor
5
STATUS: deployed
6
REVISION: 1
7
TEST SUITE: None
Copied!

Test

We can also validate our pod is running with the following command:
1
kubectl get pods --namespace snyk-monitor
Copied!
You will want to see the STATUS display Running as in the following example output:
1
NAME READY STATUS RESTARTS AGE
2
snyk-monitor-544ff7ccd9-qkwj8 1/1 Running 0 4m47s
Copied!
Note that Snyk Monitor will require outbound internet access.
Last modified 7d ago