github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/docs/installation.md (about) 1 ## Installation 2 3 You can choose to 4 * Run kube-bench from inside a container (sharing PID namespace with the host). See [Running inside a container](./running.md#running-inside-a-container) for additional details. 5 * Run a container that installs kube-bench on the host, and then run kube-bench directly on the host. See [Installing from a container](#installing-from-a-container) for additional details. 6 * install the latest binaries from the [Releases page](https://github.com/khulnasoft-lab/kube-bench/releases), though please note that you also need to download the config and test files from the `cfg` directory. See [Download and Install binaries](#download-and-install-binaries) for details. 7 * Compile it from source. See [Installing from sources](#installing-from-sources) for details. 8 9 10 ### Download and Install binaries 11 12 It is possible to manually install and run kube-bench release binaries. In order to do that, you must have access to your Kubernetes cluster nodes. Note that if you're using one of the managed Kubernetes services (e.g. EKS, AKS, GKE, ACK, OCP), you will not have access to the master nodes of your cluster and you can’t perform any tests on the master nodes. 13 14 First, log into one of the nodes using SSH. 15 16 Install kube-bench binary for your platform using the commands below. Note that there may be newer releases available. See [releases page](https://github.com/khulnasoft-lab/kube-bench/releases). 17 18 Ubuntu/Debian: 19 20 ``` 21 curl -L https://github.com/khulnasoft-lab/kube-bench/releases/download/v0.6.2/kube-bench_0.6.2_linux_amd64.deb -o kube-bench_0.6.2_linux_amd64.deb 22 23 sudo apt install ./kube-bench_0.6.2_linux_amd64.deb -f 24 ``` 25 26 RHEL: 27 28 ``` 29 curl -L https://github.com/khulnasoft-lab/kube-bench/releases/download/v0.6.2/kube-bench_0.6.2_linux_amd64.rpm -o kube-bench_0.6.2_linux_amd64.rpm 30 31 sudo yum install kube-bench_0.6.2_linux_amd64.rpm -y 32 ``` 33 34 Alternatively, you can manually download and extract the kube-bench binary: 35 36 ``` 37 curl -L https://github.com/khulnasoft-lab/kube-bench/releases/download/v0.6.2/kube-bench_0.6.2_linux_amd64.tar.gz -o kube-bench_0.6.2_linux_amd64.tar.gz 38 39 tar -xvf kube-bench_0.6.2_linux_amd64.tar.gz 40 ``` 41 42 You can then run kube-bench directly: 43 ``` 44 kube-bench 45 ``` 46 47 If you manually downloaded the kube-bench binary (using curl command above), you have to specify the location of configuration directory and file. For example: 48 ``` 49 ./kube-bench --config-dir `pwd`/cfg --config `pwd`/cfg/config.yaml 50 ``` 51 52 See previous section on [Running kube-bench](./running.md#running-kube-bench) for further details on using the kube-bench binary. 53 54 ### Installing from sources 55 56 If Go is installed on the target machines, you can simply clone this repository and run as follows (assuming your [`GOPATH` is set](https://github.com/golang/go/wiki/GOPATH)) as per this example: 57 58 ```shell 59 # Create a target directory for the clone, inside the $GOPATH 60 mkdir -p $GOPATH/src/github.com/khulnasoft-lab/kube-bench 61 62 # Clone this repository, using SSH 63 git clone git@github.com:khulnasoft-lab/kube-bench.git $GOPATH/src/github.com/khulnasoft-lab/kube-bench 64 65 # Install the pre-requisites 66 go get github.com/khulnasoft-lab/kube-bench 67 68 # Change to the kube-bench directory 69 cd $GOPATH/src/github.com/khulnasoft-lab/kube-bench 70 71 # Build the kube-bench binary 72 go build -o kube-bench . 73 74 # See all supported options 75 ./kube-bench --help 76 77 # Run all checks 78 ./kube-bench 79 ``` 80 81 82 ### Installing from a container 83 84 This command copies the kube-bench binary and configuration files to your host from the Docker container: 85 **binaries compiled for linux-x86-64 only (so they won't run on macOS or Windows)** 86 ``` 87 docker run --rm -v `pwd`:/host docker.io/khulnasoft/kube-bench:latest install 88 ``` 89 90 You can then run `./kube-bench`.