NodeAgent is a component of Kubescape that enables node-level security scanning and monitoring. It uses eBPF technology to monitor the system and provides real-time security insights.
This is the recommended way to run the Node Agent. You can run the Node Agent in a Kubernetes cluster as part of Kubescape by using helm. Please refer to the docs for more information.
Make sure to set the NODE_NAME environment variable to the name of the node you want to scan.
Also make sure you have the KUBECONFIG environment variable set to the path of your kubeconfig file.
You can then build the binary by running:
go build .
Then run the binarty with root privileges:
sudo ./node-agent
- The node agent uses eBPF, so make sure your system supports it.
- It uses
CO-RE, so make sure your kernel version is 5.4 or higher.
{
"version": "0.2.0",
"configurations": [
{
"name": "Launch Package",
"type": "go",
"request": "launch",
"mode": "auto",
"program": "${workspaceFolder}/main.go",
"env": {
"NODE_NAME": "<node name>",
"KUBECONFIG": "<path_to_kubeconfig>",
},
"console": "integratedTerminal",
"asRoot": true,
}
]
}
Kubescape Node-agent changes are tracked on the release page