Question 1

How do I set up clusterlint to run automatically in my Kubernetes cluster?

Accepted Answer

You can run clusterlint in a CronJob by building a Docker image and configuring RBAC. The README provides a sample CronJob YAML definition for periodic execution, ensuring regular audits without manual intervention.

Question 2

Clusterlint vs kube-score: which is better for Kubernetes security audits?

Accepted Answer

Clusterlint excels at live cluster analysis with platform-specific checks, making it ideal for auditing running clusters on services like DOKS. Kube-score is better for static manifest validation before deployment, so choose based on whether you need pre-deployment or runtime analysis.

Question 3

Can clusterlint fix the configuration issues it finds?

Accepted Answer

No, clusterlint is a non-invasive tool that only reports problems without altering configurations. Operators must manually apply fixes based on the actionable feedback provided, as stated in the project description.

Question 4

How to ignore certain pods or namespaces in clusterlint checks?

Accepted Answer

Use the annotation 'clusterlint.digitalocean.com/disabled-checks' on resources to exclude them from specific checks. This helps reduce noise, such as for system pods in the kube-system namespace, as detailed in the README.

Question 5

Does clusterlint work with AWS EKS or other managed Kubernetes services?

Accepted Answer

Yes, clusterlint includes platform-specific checks for AWS and other environments, but coverage may vary. You can run relevant check groups or use plugins to extend functionality for specific managed services.

Question 6

What permissions does clusterlint need to run in-cluster with RBAC?

Accepted Answer

Clusterlint requires read access to cluster resources. The docs/RBAC.md file provides role definitions and examples for setting up appropriate permissions based on your security requirements.

clusterlint

What is clusterlint?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions