This demo repository includes a sample of all the kubernetes configuration files to stand up your own instane of the Security Goals application.
Links to various components:
You can stand up your own version of this application using minikube. All you need to do is run yarn minikube to apply the required configuration.
To run this demo on GKE you will need to complete a couple or preperatory steps.
-
Ensure your Google Account user has access to the cluster. Add your username in this file and run
kubectl apply -f manifests/overlays/gke/gke-cluster-admin.yaml). -
Compliance checks are run across multiple nodes in Kubernetes, but they need to be able to access the same mounted drive to write their results. Unfortunatly
You can't attach Persistent Disks in write mode on multiple nodes at the same timein GCP. You can, however, use an NFS mount to access an outside disk in GCP.To do that you need to create the disk first:gcloud compute disks create --size=10GB --zone=northamerica-northeast1-a checks. Ensure that your disk is in the same--zoneas your cluster. You can also change the name of the disk, but you will need to adjust the name in the corresponding YAML file.
After that just run yarn gke and you should be good to go.
To clean up run yarn delete-minikube and yarn delete-gke respectively.