Skip to main content

Kubernetes Setup

Overview

The RAD Plugins Helm chart is a vital component of the RAD security platform, designed to enhance Kubernetes security through a suite of specialized plugins. RAD Security provides a streamlined management process for security plugins. You can perform a variety of actions to maintain and update your security posture within Kubernetes:
  • Install: Initialize your security infrastructure with custom configurations specific to your cluster needs
  • Upgrade: Keep security measures up-to-date with straightforward upgrade paths
  • Delete (Uninstall): Remove RAD plugins cleanly without leaving residual configurations
  • Verify: Ensure plugins are running correctly after any action

Prerequisites

Before installing RAD Security on your Kubernetes cluster, ensure you meet the following requirements:

System Requirements

  • Kubernetes Version: 1.20 or higher
  • Helm Version: v3.0 or higher
  • kubectl: Admin access to the cluster
  • Cert-manager: Must be installed for secure plugin communication

Cluster Access

  • RBAC Permissions: Cluster admin or equivalent permissions
  • Network Access: Outbound HTTPS access to RAD API servers
  • Storage: Persistent volume support for data storage

Resource Requirements

  • CPU: Minimum 2 cores per node for runtime monitoring
  • Memory: Minimum 4GB RAM per node
  • Storage: 10GB persistent storage for logs and data

Compatibility Matrix

Kubernetes VersionSupportedNotes
1.20.xFull support
1.21.xFull support
1.22.xFull support
1.23.xFull support
1.24.xFull support
1.25.xFull support
1.26.xFull support
1.27.xFull support
1.28.xFull support

Network Requirements

Outbound Connections

RAD Security requires outbound HTTPS connections to:
  • api.rad.security - Main API endpoint
  • telemetry.rad.security - Telemetry data
  • registry.rad.security - Container images

Firewall Rules

Ensure the following ports are accessible:
  • 443/tcp - HTTPS to RAD API
  • 80/tcp - HTTP for health checks (optional)

Installation

Installation is straightforward with Helm, including setting up a values.yaml file with your specific configuration and verifying the installation with kubectl commands. For detailed installation steps, refer to the RAD artifact.io plugins page.
RAD Plugins: The RAD pods require outbound access to RAD API server, and the Helm chart should be kept up-to-date to ensure the latest security features and fixes are applied.

Security Considerations

  • RBAC: RAD Security creates minimal RBAC permissions
  • Network Policies: Compatible with Kubernetes Network Policies
  • Pod Security Standards: Follows restricted pod security standards
  • Image Security: All images are signed and scanned

Troubleshooting

Common Issues

  1. Cert-manager Missing: Install cert-manager before RAD Security
  2. Insufficient Permissions: Ensure cluster admin access
  3. Network Connectivity: Verify outbound HTTPS access
  4. Resource Constraints: Check CPU and memory limits

Support

For additional help with installation requirements, contact RAD Security support or refer to the troubleshooting guide.