Provides steps to verify that RHACS is properly installed.

Verifying installation

After you complete the installation, run a few vulnerable applications and navigate to the RHACS portal to evaluate the results of security assessments and policy violations.

The sample applications listed in the following section contain critical vulnerabilities and they are specifically designed to verify the build and deploy-time assessment features of Red Hat Advanced Cluster Security for Kubernetes.

To verify installation:

  1. Find the address of the RHACS portal based on your exposure method:

    1. For a route:

      $ oc get route central -n stackrox
    2. For a load balancer:

      $ oc get service central-loadbalancer -n stackrox
    3. For port forward:

      1. Run the following command:

        $ oc port-forward svc/central 18443:443 -n stackrox
      2. Navigate to https://localhost:18443/.

  2. Using the Red Hat OpenShift CLI, create a new project:

    $ oc new-project test
  3. Start some applications with critical vulnerabilities:

    $ oc run shell --labels=app=shellshock,team=test-team \
      --image=vulnerables/cve-2014-6271 -n test
    $ oc run samba --labels=app=rce \
      --image=vulnerables/cve-2017-7494 -n test

Red Hat Advanced Cluster Security for Kubernetes automatically scans these deployments for security risks and policy violations as soon as they are submitted to the cluster. Navigate to the RHACS portal to view the violations. You can log in to the RHACS portal by using the default username admin and the generated password.