Skip to main content
New to Monokle? Streamline your Kubernetes deployments with Monokle. Get Started >

Cluster Checks

Cluster Checks safeguards your Kubernetes API server against misconfigurations.

Overview

The Monokle Admission Controller is a Kubernetes admission controller which enforces policies when Kubernetes resources are applied to the Kubernetes API server. This enforcement point is the last in line and most important. Once past this point, misconfigurations can start to cause problems.

Basics

Configure

The cluster integration requires you to install an admission controller within your cluster. Install the tool by going to Workspace > Clusters in Monokle Cloud. Adding a cluster to your workspace will generate a Helm install command for you. In case you are unfamiliar with Helm, you can learn more about its usage in their official documentation.

helm install monokle-admission-controller oci://registry-1.docker.io/kubeshop/monokle-admission-controller --set automationToken=your_automation_token -n monokle --create-namespace

You can see that the command includes an automation token. The admission controller will use it to automatically synchronise with Monokle Cloud.

note

Monokle ❤️OSS. The admission controller is fully open-sourced. You can also use it without connecting to Monokle Cloud.

Assign policy

You can assign policies to namespaces. Select your cluster under Workspace > Clusters and you can see all the namespaces in your cluster. Use the checkbox at the top to apply a policy to all namespaces, or select your desired namespaced and apply a policy there instead. The admission controller will periodically synchronise the latest updates.

FAQ

Can I disable forwarding namespaces to Monokle Cloud?

Not yet, but if privacy of your cluster is important to you then reach out to us and we'll gladly add this.