LogoLogo
  • Welcome to Firefly Documentation
  • Introduction
    • What is Firefly?
    • Who is Firefly for?
    • Why use Firefly?
    • Terminology (Glossary)
  • Key Features
    • Infrastructure-as-Code Automation
    • Cloud Asset Inventory
    • Drift Detection & Remediation
    • Policy-as-Code for Compliance & Governance
    • Cost Visibility & Optimization
    • AI Assistant
    • ChatOps Integration
  • Getting Started
    • Account Setup & Onboarding
    • Connecting Cloud Accounts
    • UI Walkthrough & Navigation
    • First Steps in Firefly
  • Detailed Guides
    • Dashboard Overview
    • Cloud Asset Inventory
      • Remediating Drifts
      • Deleting Assets
      • Creating IaC-Ignore Rules
      • Creating Exclude-Drift Rules
    • Policy & Governance
      • Creating Policy-as-Code Governance Rules
      • Remediating Policy Violations
    • Workflows & Guardrails
      • Creating Workflows
      • Creating Guardrail Rules
    • Codification
    • Self-Service
    • IaC Explorer
    • Event Center
    • Backup and Disaster Recovery
    • Notifications
    • User Management
    • SSO Configuration
  • Integrations
    • Integrations Overview
    • Integrating Data Sources
      • AWS
      • Azure
      • Google Cloud
      • Kubernetes
      • Akamai
      • Datadog
      • New Relic
      • Okta
      • GitHub
      • Cloudflare
      • NS1
      • PagerDuty
      • MongoDB Atlas
      • HashiCorp Vault
    • Integrating IaC Remote State
      • Terraform Cloud
      • Google Cloud Storage
      • env0
      • HashiCorp Consul
    • Integrating Version Control
      • GitHub
      • GitLab
      • Azure DevOps
      • CodeCommit
      • Bitbucket
    • Integrating Notifications
      • Slack
      • Microsoft Teams
      • PagerDuty
      • Opsgenie
      • Torq
      • Webex
      • Google Chat
      • Webhook
    • Integrating Project Management
      • Jira
      • ServiceNow
    • Integrating Workflows with CI/CD
    • Integrating Backstage
    • Integrating MCP
  • Use Cases & Best Practices
    • Cloud Governance & Visibility
    • Cost Optimization Strategies
    • Compliance and Security Best Practices
    • Infrastructure Automation & Self-Service
    • Best Practices and Implementation Tips
  • Analytics & Reporting
    • Analytics Dashboard Overview
    • Using Analytics for Improvement
    • Exporting and Sharing Reports
    • Analytics Security and Privacy
  • Code Snippets & Examples
    • Terraform Snippet for an AWS EC2 Instance (Codified via Firefly)
    • Example Rego Policy (OPA) for a Custom Rule
    • GitHub Actions Workflow YAML for Firefly Integration
    • JSON Output Example: Exporting Inventory
  • Troubleshooting & FAQs
    • Common Issues and Solutions
    • FAQs
  • General Information
    • Firefly API
      • Authentication
      • Inventory
      • Codification
      • Workflows
      • Self-Service
      • Policy & Governance
      • IaC Explorer
      • Event Center
      • Backup and Disaster Recovery
      • User Management
      • Notifications
      • Integrations
    • Security & Compliance
    • Pricing Tiers & Add-ons
    • Contacting Support
Powered by GitBook
On this page
  • Overview
  • Prerequisites
  • Setup Procedure
  • Argo CD Integration (Optional)
  • Configuration Details
  • Best Practices
  • Troubleshooting

Was this helpful?

  1. Integrations
  2. Integrating Data Sources

Kubernetes

Overview

Integrating a Kubernetes cluster involves deploying a Firefly agent (container) in your cluster that reports resource info. In Firefly, select Add New > Kubernetes. You'll be prompted for a Cluster ID (an alias or name to identify the cluster) and whether to mark it as production. You can also choose to integrate Argo CD if you use it for GitOps (Firefly will then fetch additional data about the cluster's apps).

On the next step, Firefly will provide a command – typically a Helm install or a kubectl command that includes a manifest URL and an API token – which you run in your K8s cluster's context. This command installs Firefly's agent (often in the firefly namespace). The agent will collect cluster resources (Pods, Deployments, Services, etc.) and send them to Firefly.

If Argo CD integration was enabled, you'll also input your Argo CD domain and an API token for Argo in the Firefly setup, which allows Firefly to correlate Argo applications with cluster objects. Once done, Firefly will list your cluster in Inventory (under Kubernetes provider) and you'll see Kubernetes objects as part of your asset inventory.

For K8s, Firefly's drift and codification features can track the cluster's manifests similarly to cloud resources. The integration will continuously monitor the cluster (the agent watches for changes) and Firefly also periodically pulls. If you destroy the cluster or uninstall the agent, Firefly will mark those resources as deleted after a while.

Prerequisites

  • Access to a Kubernetes cluster with administrative privileges

  • kubectl or Helm installed and configured

  • Cluster context properly configured

  • (Optional) Argo CD installed if using GitOps

  • (Optional) AWS S3 bucket for Argo CD configuration (if using Argo CD)

Setup Procedure

  1. Select Settings > Integrations

  2. Select Add New > Kubernetes

  3. Enter the Cluster ID (a unique alias)

  4. (Optional) Select the Mark as Production checkbox

  5. (Optional) To display the Kubernetes object status from Argo CD in the Inventory, select the Integrate Argo CD checkbox (Currently supported by AWS only)

  6. Select Next

Argo CD Integration (Optional)

If you are integrating with Argo CD, fill in the following fields:

  • Argo CD Domain: The Argo CD server domain in your cluster

  • Argo CD API Token: We recommend creating a dedicated Argo CD user with read-only permissions, without admin permissions, and then create a token for the new user. See Create New User and Generate Token in the Argo CD documentation.

  • AWS S3 Bucket: Create a dedicated bucket in an AWS account integrated with Firefly for the Argo CD configuration output

  • AWS S3 Bucket Region: Select the region of the S3 account

  1. Select Next

  2. Copy the command, and run it in the terminal (this installs Firefly's agent in the firefly namespace)

  3. Select Done

Configuration Details

  • Supports monitoring of:

    • Pods

    • Deployments

    • Services

    • ConfigMaps

    • Secrets (metadata only)

    • Other Kubernetes resources

  • Continuous monitoring through agent-based architecture

  • Integration with Argo CD for GitOps workflows

  • Support for drift detection and manifest tracking

  • Regular scanning of cluster resources

  • Integration with Firefly's inventory management

Best Practices

  1. Use a dedicated namespace for the Firefly agent

  2. Regularly verify agent health and connectivity

  3. Monitor agent logs for any issues

  4. Keep track of which cluster resources are being monitored

  5. Review and update policies as needed

  6. Maintain proper RBAC controls for the agent

  7. Consider using Argo CD integration for better GitOps visibility

Troubleshooting

  1. For agent deployment issues:

    • Verify cluster access and permissions

    • Check if the agent pod is running

    • Review agent logs for errors

    • Ensure proper network connectivity

  2. For resource discovery issues:

    • Verify the integration is active in Firefly

    • Check if the agent has proper RBAC permissions

    • Review Firefly integration logs

    • Verify cluster connectivity

  3. For Argo CD integration issues:

    • Verify Argo CD credentials

    • Check S3 bucket permissions

    • Review Argo CD server connectivity

    • Ensure proper token permissions

PreviousGoogle CloudNextAkamai

Last updated 9 days ago

Was this helpful?