K8s security policy (air-gapped)

Install the NMC Kyverno policies and network policies in air-gapped mode using direct Helm install. If a local registry is configured, you can pull bundle artifacts from it; otherwise use the bundle from the current directory.

For full details, refer to the K8s security policy installation guide.

tar -xzvf bundle/helm/nmc-kyverno-policies-2.0.12.tgz
helm install kyverno ./bundle/helm/kyverno-3.5.2.tgz --namespace kyverno --create-namespace --version 3.5.2 --values ./nmc-k8s-security/values-kyverno.yaml --wait --timeout 2m

helm install k8s-security-policy ./bundle/helm/nmc-kyverno-policies-2.0.12.tgz \
   --namespace kyverno -f values-kyverno-admin.yaml -n kyverno --wait

helm install nmc-network-policies ./bundle/helm/nmc-network-policies-2.0.12.tgz -f values-admin.yaml --wait

Values files are available in the component documentation. Once installed, proceed with the rest of the K8s security configuration as needed.