» » Check your kubernetes yaml Misconfigurations using Datree

Check your kubernetes yaml Misconfigurations using Datree

Edit

Check your kubernetes yaml Misconfigurations using Datree , Architecture Flow ,How Datree  works?

  • Datree is a CLI tool and open source that supports to find out the misconfigurations in kubernetes manifests YAML files that can cause clusters to fail in production.
  • The CLI integration provides a policy enforcement solution to run automatic checks for rule violations.
  • Datree can be used on the command line to run policies against Kubernetes manifests YAML files or Helm charts.

How it Datree Works

The CLI integration provides a policy enforcement solution for Kubernetes to run automatic checks on every code change for rule violations and misconfigurations. When rule violations are found, Datree produces an alert that guides the developer to fix the issue inside the CI process or even earlier as a pre-commit hook.

Datree lets the K8s admins create policies and best practices they want every team to follow and then run these policies as automated checks as part of the CI/CD pipeline or even earlier in the development workflow as a pre-commit hook.

How datree works

This moves the misconfiguration checks to the left, preventing them from ending up in the cluster, but also letting developers fix them right away, without the need of back and forth communication from K8s admins, explaining developers why and what needs to be fixed.

How to use Datree

It's a command line tool, which you can install with a single command, which means you can install it on any machine and integrate it in any tool and trigger whenever you want, like every time developers commit changes, or create a pull request etc.
No prerequisites to get started!
We don't need access to your cluster, code or anything whatsoever for you to try it out

Datree Architecture

Datree_Architecture

Some of these Best or Bad Practices in kubernetes Yam configurations?

DO: Specify a version on every image used in the Pod, instead of the latest tag. Why? Every time that image is pulled, the version will be a different version and might break your code.

DON'T: Run a container with root privilege. Why? Containers are much more secure when their access is limited & Use deprecated K8s APIs for the components.

How to Install Datree

Install the Datree CLI : Binary releases can be downloaded from the releases page or can be installed directly Here
or
If you want to install with command line please follow the below instructions
Linux & MacOS: curl https://get.datree.io | /bin/bash
Windows: iwr -useb https://get.datree.io/windows_install.ps1 | iex

Datree Helm plugin for kubernetes yaml misconfiguration 

Datree's Helm plugin can be accessed through the helm CLI, to provide a seamless experience to Helm users. 
helm plugin install https://github.com/datreeio/helm-datree

How to test a Kubernetes manifest file using Datree

It is simple two step process.
1. Install the latest release on your CLI.
2. Pass Datree a Kubernetes manifest file to scan.

After Download the binary file just open your command prompt and type the below command you will get the result.
Datree test Path of your Yaml file
Each policy check is running a "default" policy that includes 21 built-in rules. Take a look at the final result below.
How to test a Kubernetes manifest file with Datree

To configure the policy, switch back to your terminal, and sign up by clicking on the link at the bottom of the execution output .The link from the CLI will lead to a sign-up page. To make it easier for you, so you will not need to create a new user, you can sign up with your private GitHub or Google account. 
How to test a Kubernetes manifest file with Datree

After sign-up, you'll be automatically redirected to your  Centralized policy to set it according to your needs. You can Enable/disable built-in rules.
Enable_disable built-in rules in datree

Add your custom rules

In addition to the tool's built-in rules, you can also write any rule that you wish and run it against your Kubernetes configurations to check for violations. Read how to set up custom rules at Understanding custom rules.

Integrate Datree into your CI Jenkins

Keep your repositories clean and stable by preventing misconfigurations as early as possible.
Check out  integrations and CI/CD EXAMPLES for best practices with the most popular CI/CD platforms Here 

SUBSCRIBE TO OUR NEWSLETTER

janardhan Randhi

I’m the Founder of quickdevops.com. I am a Professional Blogger, Application developer, YouTuber. I’ve been blogging since 2015.I spend a lot of time learning new techniques and actively help other people learn web development through a variety of help groups and writing web development tutorials for my website and blog about advancements in web design and development.Besides programming I love spending time with friends and family and can often be found together going out catching the latest movie or planning a trip to someplace I've never been before.

1 Response to "Check your kubernetes yaml Misconfigurations using Datree"

  1. DL Mobi ToolsMay 8, 2022 at 11:26 AM

    You have shared a very informative post, i really loved this article thanks for sharing this helpful update with us.
    I will visit this informative Blog again and again to stay updated with upcoming post, keep it up the good work you will always rock on.

    ReplyDelete

Subscribe to: Post Comments (Atom)