Getting Started

Getting Started Guide
Preview Feature: The Remediator Agent is currently available for preview. Contact us to get early access and provide feedback. Contact Us

Getting Started with Remediator Agent

The Remediator Agent automatically identifies and fixes policy violations in your Kubernetes clusters and Git repositories using AI-powered remediation. This guide will get you up and running quickly.

Prerequisites

Before installing the Remediator Agent, ensure you have:

Required Components

  • Kubernetes Cluster: Running Kubernetes 1.20+
  • Helm: Helm 3.x installed and configured
  • kubectl: Configured to access your cluster
  • ArgoCD (optional): ArgoCD installed (for hub-spoke setups)

Authentication Requirements

  • Nirmata API Token: Your personal NCH token. If you don’t have an account, sign up for a 15-day free trial to get your API token.

Quick Installation

Create Namespace and Secrets

# Create namespace
kubectl create namespace nirmata

# Create Nirmata API token secret
kubectl create secret generic nirmata-api-token \
  --from-literal=api-token=YOUR_NIRMATA_API_TOKEN \
  --namespace nirmata

Install the Remediator Agent

Add and update Helm repo:

helm repo add nirmata https://nirmata.github.io/kyverno-charts
helm repo update nirmata

Install the Helm chart:

helm install remediator nirmata/remediator-agent --devel \
  --namespace nirmata \
  --create-namespace \
  --set nirmata.apiTokenSecret="nirmata-api-token"

Install CRs

NOTE: The following CRs are required for the proper functioning of the Agent. Do not skip this step.

  1. Setup ToolConfig
  2. Setup LLMConfig
  3. Setup Remediator

Verify Installation

# Check if pods are running
kubectl get pods -n nirmata -l app.kubernetes.io/name=remediator-agent

# Check custom resources
kubectl get llmconfigs,toolconfigs,remediators -n nirmata

# Check logs
kubectl logs -n nirmata -l app.kubernetes.io/name=remediator-agent --tail=50

Audit Logging

To enable audit logging for compliance and troubleshooting:

# Enable audit logging only
helm upgrade remediator nirmata/remediator-agent --devel \
  --set logging.enableAudit=true

Uninstallation

helm uninstall remediator -n nirmata

Note: This removes the deployment and CRDs but preserves any secrets that you have created. They need to be cleaned up manually.

Support Matrix

  • All CNCF compliant K8s distributions (including vanilla K8s and on-prem).
  • K8s Versions: All versions supported by the cloud providers (including extended support versions).
  • AI Provider: AWS Bedrock
  • GitOps: ArgoCD
  • VCS: GitHub, GitLab (Enterprise & SaaS)
    • Auth: Personal Access Token (PAT), GitHub app
  • K8s manifests: YAML files, simple Helm charts

Common Use Cases

  • Policy Compliance Automation: Automatically fix security policy violations across your clusters.
  • GitOps Integration: Generate pull requests with fixes that integrate with your GitOps workflows.
  • Multi-Cluster Management: Manage policy compliance across multiple clusters from a central hub.