The Shodan Monitor Kubernetes (K8s) integration keeps track of your K8s public IPs by getting all external IPs of the K8s nodes then adding them on Shodan Monitor. If your K8s changes IPs then the ingration also removes them from Shodan Monitor automatically so you only monitor the IPs that are currently used by K8s.
To get started you need to have a working Kubernetes cluster, installed kubectl and helm. For example, below is a test cluster created in the cloud:
Once you get the kubeconfig file, export it to the environment or move it to your home directory so kubectl can connect to your K8s cluster:
$ export KUBECONFIG=/path/to/kubeconfig.yaml
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
lke101044-151554-642b8a282ad7 Ready <none> 21d v1.25.4
lke101044-151554-642b8a28c73d Ready <none> 21d v1.25.4
We will be using helm for the installation. If you are not familiar with helm, it is a tool that automates the creation, packaging, configuration, and deployment of Kubernetes application. You can read instructions to download it from here.
We already have a sample helm chart for Shodan Monitor Kubernetes from our Gitlab public. You can add the repo from our URL using helm and install it.
# Add the shodan-monitor-kubernetes helm repo
$ helm repo add shodan-monitor-kubernetes "https://shodan-public.gitlab.io/shodan-monitor-kubernetes"
$ helm repo update
# Install the shodan-monitor-k8s integration
$ helm install --set shodanApiToken=SHODAN_API_KEY shodan-monitor-k8s shodan-monitor-kubernetes/shodan-monitor-k8s
You can get the SHODAN_API_KEY from your Account page. After you've added the integration go ahead and check your Manage Assets on Shodan Monitor; you should see that your Kubernetes IPs have been added:
