Skip to content

A Kubernetes tool leveraging eBPF for advanced Kubernetes security, auto-generating Network Policies, Seccomp Profiles, and more.

License

Notifications You must be signed in to change notification settings

xentra-ai/kube-guardian

Repository files navigation

Xentra: Advisor for Kubernetes

Xentra is a powerful kubectl plugin designed to enhance the security of your Kubernetes clusters. The Advisor component allows users to automatically generate crucial security resources like Network Policies, Seccomp Profiles, and more for Kubernetes pods or services.

Table of Contents

🌟 Features

WIP

🛠️ Prequisites

  • Linux Kernel 6.2+
  • Kubernetes 1.19+
  • kubectl v1.18+
  • Kube Guardian MUST be running in-cluster

📦 Installation

There are several options to install the advisor client.

To use the quick install use the following command:

sh -c "$(curl -fsSL https://raw.githubusercontent.com/xentra-ai/kube-guardian/main/scripts/quick-install.sh)"

You can also install Xentra via Krew, the plugin manager for kubectl:

kubectl krew install xentra

Or manually download the release and place it in your PATH:

Example:

# Download the release and set it as executable
wget -O advisor https://github.com/xentra-ai/kube-guardian/releases/download/v0.0.4/advisor-linux-amd64
chmod +x advisor
mv advisor /usr/local/bin/kubectl-advisor

🔨 Usage

🔒 Generate Network Policies

Create a network policy for a single pod in a namespace

kubectl advisor gen networkpolicy [pod-name] --namespace [namespace-name]

Create a network policy for a all pod(s) in a namespace

kubectl advisor gen networkpolicy --namespace [namespace-name] --all

Create a network policy for a all pod(s) in all namespace(s)

kubectl advisor gen networkpolicy -A

For more details on the commands:

kubectl advisor --help

🤝 Contributing

Contributions are welcome! Please read the contributing guide to get started.

📄 License

This project is licensed under the Apache 2.0 License - see the LICENSE file for details.

🙏 Acknowledgments

Thanks to the Kubernetes community for the excellent tools and libraries.