Deploy

Deploy your constraints

2 minute read

Fury Kubernetes modules are deployed via the furyctl command-line tool.

Packages are then customized with kustomize. It lets you create customized Kubernetes resources based on other Kubernetes resource files, leaving the original YAML untouched. To learn how to create your customization layer with it, please see the kustomize repository.

Requirements

To deploy the Fury Kubernetes OPA module, you need the following

To deploy OPA gatekeeper you will need to allocate the following minimum resources:

  • Resource limits: 1000m for CPU and 512Mi for memory

Compatibility

Module Version / Kubernetes Version 1.14.X 1.15.X 1.16.X 1.17.X 1.18.X 1.19.X 1.20.X 1.21.X 1.22.X
v1.0.0
v1.0.1
v1.0.2
v1.1.0
v1.2.0
v1.2.1
v1.3.0
v1.4.0
v1.5.0
  • Compatible
  • Has issues
  • Tech preview
  • Incompatible

Deployment

To start using Fury Kubernetes OPA, you need to use the furyctl and create a Furyfile.yml with the list of all the packages that you want to download.

You can download the packages for a full OPA stack including the engine and constraints templates using the following Furyfile.yml:

bases:
  - name: opa/gatekeeper
    version: "v1.5.0"

and execute

$ furyctl vendor -H

to download the packages under ./vendor/katalog/opa.

See furyctl documentation for details about Furyfile.yml format.

To deploy the packages to your cluster, define a kustomization.yaml with the following content:

bases:
- ./vendor/katalog/opa/gatekeeper/core
- ./vendor/katalog/opa/gatekeeper/rules/templates
- ./vendor/katalog/opa/gatekeeper/gpm

Then, execute the following command:

$ kustomize build . | kubectl apply -f -

See kustomize documentation for details about kustomization.yaml format.

Available packages

Packages:

For further details please refer to the single package directories in our repository.


Last modified 22.09.2021: Preparing v1.12.0 release (299995b)