Self-Managed Kubernetes

Deploy the Internal Scanner to any Kubernetes cluster using our Helm chart. This option is for organizations running their own Kubernetes infrastructure, whether on-premises or on cloud providers without a dedicated Terraform module.

Helm Resources: Helm Charts | GitHub

When to Use This Option

On-premises Kubernetes clusters
Self-managed Kubernetes on any cloud provider
Managed Kubernetes services not yet supported by our Terraform modules (e.g., DigitalOcean, Oracle Cloud)

Getting Started

Prepare Your Cluster

Ensure your cluster meets the prerequisites. Key items to verify:


# Check Kubernetes version
kubectl version
 
# Verify cluster connectivity
kubectl get nodes
 
# Create namespace
kubectl create namespace scanner

Subsequent steps assumes the namespace is called scanner.

Add Detectify Helm Chart Repository


helm repo add detectify https://detectify.github.io/helm-charts
helm repo update detectify

Deploy with Helm

Install the Helm chart on the cluster:


helm install detectify-scanner detectify/internal-scanning-agent \
  --namespace scanner \
  --set registry.username='your-registry-username' \
  --set registry.password='your-registry-password' \
  --set config.licenseKey='your-license-key' \
  --set config.connectorApiKey='your-connector-api-key'

For more configuration options, see Configuration.

Verify Deployment


# Check pods are running
kubectl get pods -n scanner
 
# Check scanner logs
kubectl logs -n scanner -l app=scan-scheduler

Next Steps

After deployment:

Configure - Set up scan targets
Scaling - Capacity planning
Troubleshooting - Common issues