Kyverno is a policy engine for Kubernetes that enables you to define and enforce policies for your cluster resources. It provides a flexible and scalable solution for managing your cluster configuration, allowing you to enforce best practices, prevent misconfigurations, and enforce compliance requirements.
The kyverno/policies offer all kinds of security and best practice policies that you could use.
Install with:
helm repo add kyverno oci://ghcr.io/kyverno/charts/
helm install kyverno kyverno/kyverno -f values.yaml
See examples from other people.
Name | Repo | Stars | Version | Timestamp |
---|---|---|---|---|
kyverno | budimanjojo/home-cluster | 196 | 3.4.1 | 4 days ago |
kyverno | mchestr/home-cluster | 115 | 3.4.1 | 14 days ago |
kyverno | axeII/home-ops | 46 | 3.4.1 | 14 days ago |
kyverno | haraldkoch/kochhaus-home | 139 | 3.4.1 | 15 days ago |
kyverno | tyriis/home-ops | 59 | 3.4.1 | 17 days ago |
See the most popular values for this chart:
Key | Types |
---|---|
boolean, string | |
string | |
string | |
number | |
string | |
string | |
string | |
string | |
string | |
number | |
string | |
string | |
string | |
string | |
string | |
boolean | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean, string | |
string | |
string | |
string | |
string | |
reportsController.clusterRole.extraResources[].verbs[] (5) - get | string |
number | |
string | |
string | |
string | |
string | |
string | |
number | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
boolean, string | |
string | |
number | |
string | |
string | |
admissionController.rbac.clusterRole.extraResources[].verbs[] (20) - create | string |
string | |
string | |
number | |
admissionController.topologySpreadConstraints[].topologyKey (20) kubernetes.io/hostname | string |
string | |
string | |
string | |
string | |
number | |
number | |
string | |
string | |
string | |
admissionController.clusterRole.extraResources[].verbs[] (5) - get | string |
admissionController.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].key (3) node-role.kubernetes.io/control-plane | string |
string | |
admissionController.tolerations[].key (3) node-role.kubernetes.io/control-plane | string |
string | |
number | |
string | |
string | |
boolean | |
string | |
string | |
string | |
string | |
string | |
boolean, string | |
string | |
string | |
string | |
string | |
backgroundController.rbac.clusterRole.extraResources[].verbs[] (20) - create | string |
string | |
string | |
string | |
string | |
string | |
string | |
backgroundController.clusterRole.extraResources[].verbs[] (5) - get | string |
number | |
string | |
string | |
number | |
string | |
string | |
string | |
boolean | |
string | |
string | |
string | |
boolean | |
string | |
string | |
string | |
boolean, string | |
grafana.annotations.grafana_folder (10) Infrastructure | string |
string | |
string | |
string | |
string | |
boolean | |
string | |
boolean | |
string | |
installCRDs (5) false | boolean |
string | |
number | |
topologySpreadConstraints[].topologyKey (5) kubernetes.io/hostname | string |
topologySpreadConstraints[].whenUnsatisfiable (5) DoNotSchedule | string |
number | |
string | |
boolean | |
boolean | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
number | |
string | |
string | |
boolean | |
number | |
boolean | |
number | |
string | |
string | |
string | |
boolean |