Securing Your Kubernetes Deployment with Anchore

Anchore ensures that only the right images are deployed and run in your Kubernetes environment

How Anchore Fits into a Kubernetes Deployment

Anchore provides the ability to inspect, query, and apply policies to container images prior to deployment in your private container registry, ensuring that only images that meet your organization’s policies are deployed in your Kubernetes environment.

Anchore can be integrated with Kubernetes using admission controllers to ensure that images are validated before being launched. This ensures that images that fall out of compliance, for example due to new security vulnerabilities discovered, can be blocked from running within your environment. Anchore can be deployed standalone or as a service running within your Kubernetes environment.


Securing the pipeline into Kubernetes

Anchore is deployed as part of the CI/CD pipeline to scan container images as they are built, validating these images against user defined policies. These policies can include checks on security vulnerabilities, package whitelists, blacklists, configuration file contents, presence of credentials in image, manifest changes, exposed ports or other user defined checks. Only if the images pass these policy checks are they allowed to continue to the next stage of the build pipeline and then into the container registry used by Kubernetes.

Ensure that only certified images are launched by Kubernetes

Anchore can be integrated with Kubernetes using an admission controller that communicates with the Anchore Engine before running a container to ensure that the container image is compliant with the organization’s policies. Anchore uses native Kubernetes APIs and does not require any configuration changes or software installed on the host – no Docker plugins or privileged containers are required.


How To Get Started

Get started by heading over to the Jenkins Plugin page and downloading the plugin or read more in our technical docs.

Deploy Anchore Engine

Install Anchore Engine and secure the pipeline into Kubernetes 

Read Our Technical Documentation

Read our technical guide for deploying a highly scalable Anchore environment on Kubernetes

Ready to get started?

Read the getting started guide or contact us for assistance