Qualys Cloud Agent on Red Hat CoreOS
Overview
Red Hat CoreOS is a minimal, immutable operating system designed to securely and efficiently run containers at scale, primarily within Kubernetes platforms such as OpenShift. The Qualys Cloud Agent is deployed as a containerized service that continuously monitors host-level posture and relays real-time data to the Qualys Cloud Platform.
This guide helps you integrate Qualys into your container host security strategy by enabling:
- Vulnerability Management (VMDR)
- Configuration Compliance Monitoring
- Asset Inventory for Immutable Hosts
Who Should Use This Guide?
- Platform Engineers deploying Red Hat OpenShift
- Kubernetes and OpenShift Administrators
- DevSecOps Engineers
- Cloud Security and Compliance Teams
Before You Begin
- A running Red Hat CoreOS instance (typically managed via OpenShift)
- Access to
machine-configand the ability to modify ignition configs or use DaemonSets - A valid Qualys Activation Key
- Outbound network access to the Qualys Cloud Platform (HTTPS/443)
- Optional: Access to internal registries for hosting container images
What You’ll Learn
- Preparing Red Hat CoreOS to run the Cloud Agent container securely
- Deploying the agent as a privileged container or through OpenShift constructs
- Passing configuration using Ignition, MachineConfig, or Kubernetes Secrets
- Validating agent registration and connectivity to Qualys
- Automating rollout across multiple nodes via DaemonSets
Deployment Highlights
- Compatible with the OpenShift-native container security model
- Deploys using declarative infrastructure (no manual changes post-boot)
- Maintains persistent telemetry without requiring direct shell access
- Ideal for securing host-level activity in managed container clusters
Related Resources
Need Help?
For custom deployment scenarios, troubleshooting, or cluster-wide rollout strategies, contact your Qualys Technical Account Manager or join discussions on the Qualys Community. You can also reach out to Qualys Support for personalized assistance.