Skip to main content
Deploy the Garnet runtime agent on your Kubernetes cluster to profile network connections, process execution, and file access across all workloads — with the same runtime assertions as GitHub Actions.
1

Add Helm repo

helm repo add garnet https://helm.garnet.ai
helm repo update
2

Install

helm install garnet garnet/garnet \
  --namespace security \
  --create-namespace \
  --set garnet.token=YOUR_API_TOKEN
Replace YOUR_API_TOKEN with the token from app.garnet.aiSettingsAPI Tokens.
Jibril uses eBPF for kernel-level visibility. Your nodes must run Linux with kernel 5.8+.
3

Verify

kubectl get pods -n security
One runtime agent pod per node. Agents and runs appear at app.garnet.ai within seconds.

Configuration

ParameterDescriptionDefault
garnet.tokenGarnet API token for authentication""
cluster.nameDisplay name for this cluster in the dashboardgarnet-cluster
For deeper customization (init containers, heartbeat intervals, and full config overrides), see the chart’s values.yaml.

Troubleshooting

Confirm your garnet.token value is correct. Check that pods are running:
kubectl get pods -n security
kubectl logs -n security -l app=garnet
Jibril requires Linux kernel 5.8+ for eBPF. Verify your nodes:
kubectl get nodes -o wide

helm upgrade --install garnet ./helm/garnet \
  --namespace security \
  --create-namespace \
  --set garnet.token=YOUR_API_TOKEN

helm upgrade --install garnet garnet/garnet \
  --namespace security \
  --set garnet.token=YOUR_API_TOKEN \
  --set cluster.name=my-cluster