KubeArmor Deployment Modes
KubeArmor Deployment Modes offer flexible and comprehensive runtime security for applications across a variety of environments. Whether you’re deploying in Kubernetes, directly on a host machine, or using self-managed virtual machines, KubeArmor provides a robust enforcement layer to secure workloads without requiring modifications to application code.
1. Native Kubernetes Integration
The most common and recommended KubeArmor deployment mode is its native integration with Kubernetes. KubeArmor seamlessly hooks into Kubernetes APIs, enabling real-time enforcement of security policies directly within pods and containers. By monitoring system calls and file/process activity, it ensures compliance and protection at the runtime layer.
To deploy KubeArmor in this mode, the karmor CLI can be used. Running karmor install auto-detects the Kubernetes environment and configures all necessary components, including the policy manager, relay service, and telemetry tools. After deployment, administrators can apply custom security policies using Kubernetes-native YAML files to enforce restrictions—such as blocking specific commands like sleep.
This mode supports various environments like Cilium-based clusters and multi-node deployments, making it ideal for production workloads managed via Kubernetes.
2. Host-Based Deployment (Systemd)
For environments where Kubernetes is not in use—such as legacy infrastructure or minimal server setups—KubeArmor can be deployed directly on the host as a systemd service. This host-based KubeArmor deployment mode provides the same powerful runtime enforcement by integrating with the Linux kernel via eBPF or other system hooks.
The installation process involves downloading the KubeArmor Debian package (e.g., version 0.2), installing it using sudo apt install, and starting the service via systemd. After setup, users can apply policies to the host system just like in Kubernetes. For instance, applying a hostpolicy.yaml can instantly block unsafe processes like sleep.
This mode is especially useful for securing traditional VM-based workloads or bare-metal servers, making KubeArmor highly versatile across hybrid cloud setups.
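The sleep-blocking policies mentioned for the Kubernetes and host modes, shown side by side as an added example (not taken from the original page or the KubeArmor project). Policy names, namespace, labels and the path to sleep are assumptions to replace with your own values.

```yaml
# Added example. All names, labels and paths below are assumptions.
---
# Kubernetes mode: applies to pods selected by label within one namespace.
apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
  name: block-sleep                  # hypothetical policy name
  namespace: default                 # assumed namespace
spec:
  severity: 5
  message: "sleep execution blocked"
  selector:
    matchLabels:
      app: demo                      # assumed pod label
  process:
    matchPaths:
      - path: /usr/bin/sleep         # assumed location of sleep in the image
  action: Block
---
# Host mode: applies to the node or host itself instead of to pods,
# so it uses nodeSelector where the pod policy uses selector.
apiVersion: security.kubearmor.com/v1
kind: KubeArmorHostPolicy
metadata:
  name: host-block-sleep             # hypothetical policy name
spec:
  severity: 5
  message: "sleep execution blocked on host"
  nodeSelector:
    matchLabels:
      kubernetes.io/hostname: demo-host   # assumed label; use the one your host carries
  process:
    matchPaths:
      - path: /usr/bin/sleep         # assumed location of sleep on the host
  action: Block
```

Setting action to Audit instead of Block logs matching executions without denying them, which is a safer first step when rolling a policy out to production workloads.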
3. Helm-Based Installation
For Kubernetes users who prefer using Helm for package management, KubeArmor supports Helm-based deployments. This allows for customized deployments based on specific environment needs (e.g., Docker, minikube, or cloud-managed clusters). Helm charts are available in the official repository, and deploying KubeArmor is as simple as:
helm install kubearmor ./charts --namespace kube-system
This method provides greater control over values and configurations, particularly in CI/CD pipelines or infrastructure-as-code environments.
4. Manual YAML-Based Deployment
Another alternative for Kubernetes users is to install KubeArmor manually using pre-configured YAML manifests. These manifests define the core components such as DaemonSets, ConfigMaps, and Services. This manual deployment mode is ideal for users who prefer full visibility into their resource definitions or need to fine-tune deployments to fit highly specific infrastructure requirements.
Using kubectl apply -f <manifest>, administrators can deploy KubeArmor with tailored configurations. Policies can then be managed with kubectl or the karmor CLI.
5. Virtual Machine (VM) Support
Although not covered in detail in the same session, VM-based KubeArmor deployment modes were mentioned as a viable path, especially for self-managed virtual machines outside Kubernetes. This typically mirrors the host-based approach, allowing organizations to extend runtime security to cloud VMs, edge servers, or isolated workloads that don’t rely on Kubernetes orchestration.
Conclusion
Understanding the different KubeArmor Deployment Modes is essential for implementing runtime security tailored to your environment. Whether you’re operating within a Kubernetes cluster, on a bare-metal host, or in a hybrid infrastructure with VMs, KubeArmor offers flexible and effective deployment options. Native Kubernetes integration remains the most streamlined approach, but the availability of host-based, Helm-based, YAML-based, and VM-support modes ensures that organizations can adopt KubeArmor regardless of their infrastructure maturity.
By selecting the right deployment mode, teams can enhance application security, enforce compliance policies, and gain visibility into runtime behaviors—all without altering existing codebases.
You can now protect your workloads in minutes using AccuKnox, which is available to protect your Kubernetes and other cloud workloads using kernel-native primitives such as AppArmor, SELinux, and eBPF.