tania's technical blogs

Getting started with kubescape

Getting started with kubescape

Tania Duggal's photo
Tania Duggal
·

4 min read

I hope if you are getting started with Kubescape ,you have already your Docker Engine and minikube installed on your system.

Firstly, run these commands in cmd:

  1. minikube start - to start minikube cluster.

  2. minikube status- to check status of cluster.

Take a look:

minikube start.jpg

minikube 2.jpg

Now, single node cluster running on your system.

Now, you make your yaml file to deploy pods to your cluster. You even can do Simple deployment but I prefer Monokole tool. It saves my precious time.

By using Monokole,I create pod using available templates. By taking few steps with the help of Monokole, my created pod is deployed to minikube cluster.

Take a look:

  1. Select any template you want to create.

m1.jpg

Here , You give pod name and image name you want to create. Then click on Submit button.

m2.jpg

Now, click on Done. Your pod resource created successfully.

m3.jpg

m4.jpg

Now, simply click on Deploy button at the right top.

m5.jpg

Click on OK. Your pod successfully deployed to your cluster.

m6.jpg

This message shows at right top after deployed.

m7.jpg

"NOW, WE DROP OUR FOCUS TO LEARN OR GETTING START WITH KUBESCAPE." HOW KUBESCAPE HELPS US?

Introduction:

Kubescape is a open-source tool by Armo. It scans ours k8s clusters, YAML files and Helm charts, finding vulnerabilities and detecting misconfigurations according to some frameworks like MITRE,NSA etc. It is much easy to use.

Now, you install Kubescape according to your systems . Simply go to Github repositry of Kubescape: github.com/armosec/kubescape

Running commands on your cmd according to your system.

installation 1.jpg

After running these commands, Successfully you installed Kubescape on your system.

SCAN YOUR CLUSTERS:

Kubescape helps us in scans our clusters with few seconds. Now in our system ,before few seconds(in above) We run a minikube cluster. LET'S SCAN IT BY USING KUBESCAPE.

Simply run this command in cmd:

kubescape scan --submit --enable-host-scan

I get these results. It shows me vulnerabilties and risk scores and also checks which resources are passed or failed.

T.jpg

As it is difficult for us to deal things on cmd, We can access Kubescape Dashobard just by signing up. Click on link: portal.armo.cloud/account/sign-up

You sign up with your Google account or via Github.

installation 2.jpg

After sign up,This Dashboard seems to be appear in front of you.

installation 3 t.jpg

Just run these commands on cmd . This Dashboard appears in front of you.

Now ,If you wanna scan your cluster .Click on 'add cluster' button.

dashboardt t.jpg

After adding cluster, like this appears. Now, you select 'click here' button for ci/cd Deployment.

2 (2).jpg

3 (2).jpg

Now, You can run a scan for your cluster by running the above command on cmd and able to see the vulnerabilities in our cluster through Dashboard.

r1.jpg

This is how you scan your clusters with the help of Kubescape and checks which resources are passed or failed and also fix these vulnerabilties (solutions provides in remediation).

Scanning YAML Files:

Kubescape helps us in scannig our YAML files. Let's do it. Give path to your Yaml file where you create it and run below commands on your cmd.

scan yaml files 3 (3).jpg

scan yaml files 4.jpg

Result:

scan yaml files 5 (2).jpg

Now, Successfully your image is scanned.

You can also scan your K8s manifests from public repositry.

Image Scanning:

Kubescape helps in scanning our image.

Lets's see it how?

Make sure you installed the Helm and now simply open Kubescape Dashboard and click on 'Image Scanning'. This like Dashboard appears in front of you and then after run below command on your cmd.

image scanning 1 sahi (2).jpg

Now, you can see the severities in your image.

image scanning 2 (2).jpg

image scanning 3.jpg

Yeah, You scanned your image successfully.

RBAC Visualizer:

RBAC stands for Role Back Access Control. RBAC helps us in accessing what is in your cluster and what is user want to accessing.

To use RBAC Visualiser, just click on it . You can add your Query and you can also investigate.

rbac query 3.jpg

In this ,I investigate the user.(just shown up my example here)

rbac investigate.jpg

Customize your own Framework:

Why you need customize Framework?

If you want to add some specify set of rules and controls to your project. For this ,You can make your own framework.

  1. Simply click on new Framework.

new framework 1 sahi (3).jpg

2.Now, give name to your Framework and description of your Framework.

new framework 2 (2).jpg

(GIVEN EXAMPLE OF MY OWN FRAMEWORK HERE)

3.And also add rules and controls to your framework by just simply click on it.

nf 8 (2).jpg

Now, your own framework is ready, you can check it.

nf 10 (2).jpg

Let's scan it on cmd by using following command:

nf 9 c.jpg

Result:

nf 9c 2.jpg

This is how you create your own Framework.

This is all about main concepts of using and benefits of Kubescape and there are much more. You can explore more features of kubescape by yourself like Kubescape Vs Code Extension etc.

HOPE YOU LIKE IT! THANKS.