Support Matrix
KubeArmor supports following types of workloads:
- 1.K8s orchestrated: Workloads deployed as k8s orchestrated containers. In this case, Kubearmor is deployed as a k8s daemonset. Note, KubeArmor supports policy enforcement on both k8s-pods (KubeArmorPolicy) as well as k8s-nodes (KubeArmorHostPolicy).
- 2.Containerized: Workloads that are containerized but not k8s orchestrated are supported. KubeArmor installed in systemd mode can be used to protect such workloads.
- 3.VM/Bare-Metals: Workloads deployed on Virtual Machines or Bare Metal i.e. workloads directly operating as host/system processes. In this case, Kubearmor is deployed in systemd mode.
Provider | K8s engine | OS Image | Arch | Audit Rules | Blocking Rules | LSM Enforcer | Remarks | ||
Onprem | x86_64, ARM | ✔ | ✔ | ✔ | ✔ | | |||
Google | x86_64 | ✔ | ✔ | |