This demo repository includes a sample of all the kubernetes configuration files to stand up your own instane of the Security Goals application.
Links to various components:
You can stand up your own version of this application using minikube. All you need to do is run yarn minikube
to apply the required configuration.
To run this demo on GKE you will need to complete a couple or preperatory steps.
-
Ensure your Google Account user has access to the cluster. Add your username in this file and run
kubectl apply -f manifests/overlays/gke/gke-cluster-admin.yaml
). -
Compliance checks are run across multiple nodes in Kubernetes, but they need to be able to access the same mounted drive to write their results. Unfortunatly
You can't attach Persistent Disks in write mode on multiple nodes at the same time
in GCP. You can, however, use an NFS mount to access an outside disk in GCP.To do that you need to create the disk first:gcloud compute disks create --size=10GB --zone=northamerica-northeast1-a checks
. Ensure that your disk is in the same--zone
as your cluster. You can also change the name of the disk, but you will need to adjust the name in the corresponding YAML file.
After that just run yarn gke
and you should be good to go.
To clean up run yarn delete-minikube
and yarn delete-gke
respectively.