Deploy your constraints
Fury's OPA module is based on OPA Gatekeeper, a popular open source constraints engine with OPA as its core. It enables the capacity of writing your constraints applying them to Kubernetes cluster workloads.
SIGHUP provides some base constraints that could be used both as a starting point to apply constraints to your current workloads or to give you an idea about how easy is to implement new rules matching other requirements.
Fury Kubernetes OPA module can be deployed on the following platforms
- on-premises or unmanaged cloud clusters
- Google Kubernetes Engine (GKE)
- Azure Kubernetes Service (AKS)
- Amazon Elastic Kubernetes Service (EKS)
This module was designed to be deployed as an engine making optional the deployment of constraints. This way you can use SIGHUP suggested rules or use yours with a certified and supported constraints engine.
The following packages are included in the Fury Kubernetes OPA stack. All the
resources listed below are going to be deployed in the
gatekeeper-system namespace in your Kubernetes cluster.
|gatekeeper||Gatekeeper is a customizable admission webhook for Kubernetes that enforces policies executed by the Open Policy Agent (OPA), a policy engine for Cloud Native environments hosted by CNCF.|
|gatekeeper SIGHUP constraints templates||Gatekeeper basic constraints templates provided and supported by SIGHUP.|
SIGHUP base constraint templates
Was this page helpful?
Glad to hear it! Thanks for letting us know!
Sorry to hear that. Please tell us how we can improve.