Updated at April 15, 2024   08:50 AM

Installing Gatekeeper

Gatekeeper is a controller embedded between the Kubernetes API and the Open Policy Agent (OPA) policy engine. It checks that Kubernetes resources being created, modified or deleted comply with policies. For more information about Gatekeeper, see the Kubernetes reference and the official Gatekeeper documentation.

Installation

  1. Install Helm if the utility is not already installed.

  2. Run the commands:

    helm repo add gatekeeper https://open-policy-agent.github.io/gatekeeper/charts
    helm install gatekeeper/gatekeeper --name-template=gatekeeper --namespace opa-gatekeeper --create-namespace

Checking Gatekeeper operation

Check that the Gatekeeper pods have been created and are working by running the command:

    kubectl -n opa-gatekeeper get pods

The output of the command should contain gatekeeper-audit-... and gatekeeper-controller-manager-... pods in Running status.

Example of the output:

    NAME                                             READY   STATUS    RESTARTS   AGE
    gatekeeper-audit-...                             1/1     Running   0          ...
    gatekeeper-controller-manager-...                1/1     Running   0          ...
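The same check can be scripted so that a deployment pipeline fails when Gatekeeper is not actually running. The function below is an added example, not part of the original page or of the Gatekeeper project: the name gatekeeper_pods_ok, the sample variables and the pod name suffixes in them are assumptions made for illustration. It also requires the READY column to show all containers ready, which is slightly stricter than the status check described above.

```shell
#!/bin/sh
# Added example. Reads `kubectl -n opa-gatekeeper get pods` output on stdin.
# Returns 0 only if both Gatekeeper components have at least one pod that is
# Running and fully ready, and no Gatekeeper pod is in any other state.
# Usage: kubectl -n opa-gatekeeper get pods | gatekeeper_pods_ok
gatekeeper_pods_ok() {
    awk '
        NR == 1 && $1 == "NAME" { next }            # skip the header row
        $1 ~ /^gatekeeper-(audit|controller-manager)-/ {
            comp = ($1 ~ /^gatekeeper-audit-/) ? "audit" : "controller-manager"
            split($2, r, "/")                        # READY column, e.g. 1/1
            if ($3 == "Running" && r[1] == r[2] && r[2] > 0) {
                healthy[comp]++
            } else {
                printf "not ready: %s (%s, %s)\n", $1, $2, $3 > "/dev/stderr"
                bad++
            }
        }
        END {
            if (!healthy["audit"]) {
                print "missing: gatekeeper-audit" > "/dev/stderr"; bad++
            }
            if (!healthy["controller-manager"]) {
                print "missing: gatekeeper-controller-manager" > "/dev/stderr"; bad++
            }
            exit (bad > 0)                           # 0 = healthy, 1 = problem found
        }
    '
}

# Constructed sample outputs (pod name suffixes are made up for this example).
SAMPLE_OK='NAME                                     READY   STATUS    RESTARTS   AGE
gatekeeper-audit-aaaa-1                  1/1     Running   0          5m
gatekeeper-controller-manager-bbbb-1     1/1     Running   0          5m'

# The controller manager is crash-looping: policies are not being enforced.
SAMPLE_DEGRADED='NAME                                     READY   STATUS             RESTARTS   AGE
gatekeeper-audit-aaaa-1                  1/1     Running            0          5m
gatekeeper-controller-manager-bbbb-1     0/1     CrashLoopBackOff   4          5m'

# Only the audit pod exists: the controller manager is absent.
SAMPLE_MISSING='NAME                                     READY   STATUS    RESTARTS   AGE
gatekeeper-audit-aaaa-1                  1/1     Running   0          5m'
```

A non-zero exit status means the cluster should be treated as running without policy checks until the listed pods recover.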

Deletion

  1. To delete Gatekeeper, run the command:

    helm delete gatekeeper --namespace opa-gatekeeper

  2. To delete the CRD objects created for Gatekeeper, run the command:

    kubectl delete crd -l gatekeeper.sh/system=yes