Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs(operator): update getting started guide #801

Merged
merged 1 commit into from
Nov 10, 2021
Merged

docs(operator): update getting started guide #801

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions docs/cli/getting-started.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ You need to have a Kubernetes cluster, and the kubectl command-line tool must be
cluster. If you do not already have a cluster, you can create one by installing [minikube] or [kind], or you can use one
of these Kubernetes playgrounds:

* [Katacoda](https://www.katacoda.com/courses/kubernetes/playground)
* [Play with Kubernetes](http://labs.play-with-k8s.com/)
* [Katacoda]
* [Play with Kubernetes]

You also need the `starboard` command to be installed, e.g. from the [binary releases](./installation/binary-releases.md).
By default, it will use the same configuration as kubectl to communicate with the cluster.
Expand Down
16 changes: 9 additions & 7 deletions docs/operator/getting-started.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,28 +6,28 @@ You need to have a Kubernetes cluster, and the kubectl command-line tool must be
cluster. If you do not already have a cluster, you can create one by installing [minikube] or [kind], or you can use one
of these Kubernetes playgrounds:

* [Katacoda](https://www.katacoda.com/courses/kubernetes/playground)
* [Play with Kubernetes](http://labs.play-with-k8s.com/)
* [Katacoda]
* [Play with Kubernetes]

You also need the Starboard Operator to be installed in the `starboard-operator` namespace, e.g. with
[static YAML manifests](./installation/kubectl.md).
You also need the Starboard Operator to be installed in the `starboard-system` namespace, e.g. with
[static YAML manifests](./installation/kubectl.md) or [Helm](./installation/helm.md).

## Workloads Scanning

Assuming that you installed the operator in the `starboard-operator` namespace, and it's configured to discover
Assuming that you installed the operator in the `starboard-system` namespace, and it's configured to discover
Kubernetes workloads in the `default` namespace, let's create the `nginx` Deployment that we know is vulnerable:

```
kubectl create deployment nginx --image nginx:1.16
```

When the first ReplicaSet controlled by the `nginx` Deployment is created, the operator immediately detects that and
creates the Kubernetes Job in the `starboard-operator` namespace to scan the `nginx:1.16` image for vulnerabilities.
creates the Kubernetes Job in the `starboard-system` namespace to scan the `nginx:1.16` image for vulnerabilities.
It also creates the Job to audit the Deployment's configuration for common pitfalls such as running the `nginx`
container as root:

```console
$ kubectl get job -n starboard-operator
$ kubectl get job -n starboard-system
NAME COMPLETIONS DURATION AGE
scan-configauditreport-c4956cb9d 0/1 1s 1s
scan-vulnerabilityreport-c4956cb9d 0/1 1s 1s
Expand Down Expand Up @@ -188,4 +188,6 @@ kube-system └─Pod/kube-scheduler-kind-control-plane True

[minikube]: https://minikube.sigs.k8s.io/docs/
[kind]: https://kind.sigs.k8s.io/docs/
[Katacoda]: https://www.katacoda.com/courses/kubernetes/playground/
[Play with Kubernetes]: http://labs.play-with-k8s.com/
[tree]: https://github.com/ahmetb/kubectl-tree