From 7a7cc58f8b6c92cde272a37b9dde0aab35dc2e3c Mon Sep 17 00:00:00 2001 From: selvamt94 Date: Thu, 20 Jul 2023 20:05:51 -0700 Subject: [PATCH] make chart --- .../neuvector-monitor-102.0.3+up2.6.0.tgz | Bin 0 -> 7805 bytes .../102.0.3+up2.6.0/Chart.yaml | 26 + .../102.0.3+up2.6.0/README.md | 22 + .../102.0.3+up2.6.0/app-readme.md | 5 + .../dashboards/nv_dashboard.json | 1828 +++++++++++++++++ .../102.0.3+up2.6.0/questions.yaml | 27 + .../102.0.3+up2.6.0/templates/_helpers.tpl | 40 + .../102.0.3+up2.6.0/templates/dashboard.yaml | 15 + .../templates/exporter-deployment.yaml | 56 + .../templates/exporter-service.yaml | 28 + .../templates/exporter-servicemonitor.yaml | 39 + .../102.0.3+up2.6.0/templates/secret.yaml | 15 + .../102.0.3+up2.6.0/values.yaml | 51 + index.yaml | 31 + 14 files changed, 2183 insertions(+) create mode 100644 assets/neuvector-monitor/neuvector-monitor-102.0.3+up2.6.0.tgz create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/Chart.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/README.md create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/app-readme.md create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/dashboards/nv_dashboard.json create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/questions.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/templates/_helpers.tpl create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/templates/dashboard.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-deployment.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-service.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-servicemonitor.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/templates/secret.yaml create mode 100644 charts/neuvector-monitor/102.0.3+up2.6.0/values.yaml diff --git a/assets/neuvector-monitor/neuvector-monitor-102.0.3+up2.6.0.tgz b/assets/neuvector-monitor/neuvector-monitor-102.0.3+up2.6.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..21c6f4e81524370e2fb9c4b38c64d2824bf23d02 GIT binary patch literal 7805 zcmV-@9)jT?iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBfbKAI2-VCZ|NlNn2L~`5Y50Al(l>s5JB0_{uDFOo@3v8 z@{JzLvaDghul`$>RsP=@cC06zet$6R?e?rr|B2P<4|fMokoBzqSoB0(VD`ki_E_b~ zJ&*?n0Toyf8t{>Ukc|cQsN1%&5FWG%-LZiQG9loM5W|5z1y) z?-f;{H=3$y+kB43(3%0`ga#w@!#{uQv^&q+R?9;FK%I71ef*)er5uHa*oG0(FIyQM z^Ensb*EXYkggg>N7qz7!FrSFll1hxuhy%Rk&e#a0qqc48@60;2O=7eaW{SG)-FT+m z_JWBr@Bnj&(OO~F+BRYyO1yXx7rOlhWhz9-M>{(O3>w6i zeI{jih6QH4+jfbVM&pPBvuPk85DMMVPUl5$xZB+w{2%^f*RuX|_G91p4D)l!96mBy zh=Uz5BIbsVNgyx@fT{Q3W8#evkHU~L@qddTAf$0U2Ac>jrog~x!ak=FvqANlz^p-4 z@TK*$PezLCj@4~j?cRS!p~m`M@qbnR&#)H(|CS11iTv;G4tGoPf6y6pHuC>Ao-K3$ z6C8O0>2+7!n{kA(g-)l0Bf=3zANJn7ZcQlju@K;(3GqNyH~`zj4A2ZSg2x_kBq$mK z3Nh#4AQA|Q#1xPKKlHEw-Zl)^qhsvF8b^2_KOv+=cMQ-mxP%KfA0g8;43>U#sQnpO zn^1#-KSDqJU`P=uju@E{4_p|b3HCS`23$z?1}6L7La!$J{WeP8qjTbUD4;?DO9C#i z=YeA&1c97}GeUwzU?4<%?8Xo>2q~9rGEddvj!zh)44j+}3K{i5Od;Z}WHi-WU^kJX z5+-|!16SfpqF7Lb5d-Ydz?&l}?9hK02<@L9zdrlrK3zu%L!`OMbyDo+_9twr{=7I}4~-gy)| zFR_OMTfS1bm#_0S1p0ER-pT33BELNbf!k8qvjF7s6S{-{iWszHf30!cVT%L;Sb)6| zG9?t|b^B@YXdHkTArprokH496+AhNr9N+`Yr(=qlQ^J9!ANeY0XP741LdRMiXYaQW znIP~(G1myfWAHQ*Bz862u?f^T$X47;v7TglSAVo!AVAlIjJp z8TQ(eJtQY^5ZkJ&qm+V?6AK7lY$Iht#KFM`DcV8lKK1^PY>CdAcL9){jr ze&E;-rMSQo$&IRe61dxF97&d(P$ma+flJ`qaiqdH}q<2V`u!%~ygy&HRUyd&*_ zodaq|J_H&!J2)h5-`QdsT3bP@hV=8ZAc4zA=(mqCFe}V0o<}mdyP5?n!Jo?is{T*K z^v>B7ybu^~i||^ez%u>c8w^VNf4954yV3u*@qGER^IvF2{E=jRrP8I~|IwFdv8OOX z|Fv^@X~__7jg_a56Q1KjyNDreL(+Cb&a0!gn;L8B#j-9_(U2(%C;dKJsr;# zHV)pN$hstO5f8zB);3;E5X-3zBy}++0gt^U^^OQ_jEq5vRD`9uC4rBjU4UF!tB7DS zN%5H!rZ`RNG*(y%=^oE|`kR`-=*QL9H3w&k3*AdQ)~~v83Txr*+5m=(1Y&~Bzw_4L zxmoH>kGl?~HGM8nU~Xw8%fw!vTvoNbF|FuYN-!^6VpY#Tps?2F;`O>~VS5jsMf%@K z?Bi<&1D5E2Yq#Gm>;J)UxY7T&@swCM@mAYq7pWaPF6i>I93lKn0%wG@5&Q;+h7STe zSm03_OABVLxW86PQ%1qN`toH35YqbSYo=}T;#?PAN+&1wmz41vcXXDHJwj&3EK9BC zabx%FQaewwnV=uA@2%eSD+);9Kp;>*Cz38NjTBF_47&CoTw?aCA(8SE@qoAg1p=9A z1-?_ME+u<10xAx%c>Ndge=@C>1EELf(#^P%Bv``#y}@p2|EJp-4mbAytvpRkkg$8J z#P2u^`A*982Pt9Has8rjSSzG8B47n(R>qL3oe*k`snkxGHMYE~y(bl>z=*(ZsYV<~ zk(HzsFGrS^6tOWMp^ggecxpfmlaGZxeVqdmNj$BFfn*k=B-)T-u^hdLUm=urrgo&T zn2yknj#KcaN>n1vd~OY&n+;WTc&8M6llTVvGmrco4mJagc@o%O;Mm0b&M`dPZX$?9pbog;J=(>;nj??i#g zGmy$98E~zbuye|)shgbqtr@%+u+D~#1BQFHO`|}()%#GG6T7xNUsf6qC7zYq@hZc= zI)0H_?FoWEQ`i&BADPLgc3}g}%wWjcCygoi#bO;=M`jMC=>V6PJGs}o=}ryAqdMb3 zb=(%%MVFUm0iM`pSO<)6GH8BvmO@exZ;if}6m!jRWP26p@^UG>%fL-3{fK(Ro{!L; zcaG;gR|A6CDEBp^H?>!>cl7G)P-X^gAH6$1Jv=^> z|LQv}NjwGQPmKCyK((+shRLYZ&&tZIrMrlmGmvJ5DB)^ltL*lkmF&M{1Llfu;IjOm z{%*f)|8)k|#{RpFC)P|jaGGtvY6+j&jTT~R9L7e}x|ZR}R-pv_oQP>Xc=`P?RlQpYc#cWHm3m8_!FOx4@Ab+S|3I)j z_;sFj8-Vh2q17mN`kVgC~Afk5trt; zWKn@Mzok}>Eo)wJsdUuFOu{zidhk_}QnHS#`6{VLvjzcF2gqn)xL{f^ve5xoo;ud|8L`2H~ybf?JC@Hg|L4XDY^gAf9+1a z3-O;3q?>i6l-xRnP^f~wqVcc~fsMYRKO-vQ;Y%sJjol*`PR$&H}1|rTpBrM(ekI$(X#!=E3 zeMJY^*(CK%SN)3KQUTm(B@gdb~d=#ifNXk~{#zM@a6Mhzs1Mv#yk zVb19}a~499?@Mxlkt&O-{KsL~lA!qTt#rUL`)}AEmd}6nI-B#qxAJUlZK2~RXq^&Y zai;)V3C~}Nn9@j~ed;t+5m$PAFQ<#aE(DP&F4IY=9GLYd!QTP30+E$@B&84!;cpyR`n zQ?z&VDizO@Sfyw-l@c~5mMB|9LCV z7Xu+P7X>v(=!3#MM0*}E!SnU>u2Ok&>L7?jg=G~crJ|R6!Q70G`V|TVb|t2N`?y_? zre$n_#2?B%{+Bom6i z%Z0HjeXF5+&(rTTEOLc<8DBymf&7O=8E@*$@a|znlO3JwQnQ z{l{;a_IyoU`tfP$mV-4eIe7MuF;g8U|9>l-0?fLmAp|Xl+PvtQWbJp74x~NH(TRuc z&(Z@70`RhKk_#*(Y`o27B?TL1_LR(k@9bN>;ZMW=ckn;Y_iOt87ZE>47D-xdl z9{e8sW5*%0f96TSr;58xAG6O6JrAnH5PFeIf;c=StG;M=+Jm$YQxKsTz|7Ep#HbV5 z0=-s*oz;wqQm&#NCmv;Ga?ZSu8gkARRwkj&m1*y}*mLYE@UqacW7+nlkgb%WOH3K? zDfJwlPkp*9$)_+Rfy;9uUO!(-8Bn!6kn2X+lK0FY^1Omrk1H_Xkyn_dX&A1*GS_p2ZvH%NvT3fuJDhD3o@A}#W)f)UrZTEB&aN&Qbzug{y?6p zO$JV6!@F9JFm3GFRnjnhz=7FFi~3Bd9IF}1BzbK%*vN7{~DZeYsaD9oX%$(vp z3e#*f^p=T2v``$P3T?xMit)3GeW%Jo#ahAaj7PqY+58NG31v30;*h4kutbSP;=>sS zMxazhMbwl+uZ)vym}w^4N0Qgk789F|?ZXGBtqfw~Yzk*gjznTky%#50Z zh$;gmozcmp*;Hx{_TQ}$VoAfO3RhoE0qi%DR|CtObE%z=QE`0c*LC9W5ZQ1e22 z$wX@sqaHyhLfSwih-k!H$Ib`uU+l(JWT#2_rQ+Ko?o_m>wsxv=T+x987d4W+Mo%DQ zc9)Jg2hXGDi^uA&G*)lvSWVh5H&pK$x?js_V?pIxwP=zlS+x`XKJ1+(=E#H0bt~rr zG*~3})galVx;+v*BuxTHUD`*zMUwN}<8-&jX_jnK03L{L+xYU=O)qHBoShdpr#i>j z{_HXu1_?12 zAZln-F;!f;0O&`hz#Fq0JmLnmQbt2m+-< z5%>qbfxM=g@}x~=Tw<&}n16tZBHTDx^ZF2LDeJrg43cf)NY*^L4XqMv04_+NnRPwX80EJ)6P2c!k>(5Q@8)t>{CUY0e^GM9%iHS1 z%9uKcz0eh}b+;#!ipna+SGF8sH^xn!chuy`YS)=n{bL^a&3-YTW*3vx8gH_~&ww4M zx`!%x?B#s1Ri_fms?$J4T4|D!it={f7>U3XhqrN4pJ#VNtu(nZW zx4VsGuU7lT?z3jeN=%{|hrT(p1 z@TQ%r1q88mXua%P*6mS1Qw%+~K(#@ORZtv6{V6$gN~bu(reC}DulFg*!Zf*rsDKYy82R@&UB%9 ztkPDNqPvpRV!lrzMg2v~(5YVoJ=kvZ0(A!U%hO%7Hob<0sY2*cw|eR*yAE);a2cOB ztl^6V3)rb5FkQY*6-lvQQ#|*Pl_?DM7A`9T*+aIjm$kO&V%AlsnqJOVfc%} z5kUD&WKLu?7+N=AQEgWMD%hh%AsG@lO;i|xd!IqS*e#VwY8JE?aRChN zzdx+plepgY=;Hm%;xffKNF~8_d(q^wjgZ^*Txc4s8FgMa8XOYPzq4$h8XrYviR>r& z9@*gL7_&-1OZ|k^YY1FX{P`yJ9_p&!m;U=@h`4BXGsEAq3&Znb(VNqC-E;-zpWgt zxxz84gv!^PTr+KK-|W&q{78C^_ZJLO8-!gV8sb__0-_17xY-KV!l5N1Lq9c_(XBRc z)BZqV*y=@ls3x9_N@Q7I>n_er-!r94Wu8?UD_+PqNCB*G-_FVfW>V}}l16z{(#@hp3l+||N-sfgbfXfNTVsx_= zmwRq`EABBI%y`gOr}-pEP8AHk!^_iZ)%h*P=x*xbm!;Pbl`n{^9sC}c#@7qLtvk#; zienx_NV(MT^PN{dc4350ado|#DSH!PTr$d17O9>xdJy*qUb*=uhSN0g?T1|Nny(*p z?)Ky3>#L`)Kd->CJbk@4 z$n@hTeI0Gm*OQV>`g)!2ET^wOl$#T7D}TM=K7~yRdogYNMc-q|QL2#pL!Be4L5E-mZR~T(9L|_F2~yIJd`R3dP*P3VnETx6=Du|M`7c?((cE?NaK+aI z6!HHTRf@v=<#az@$VAY*h3GvfS*YH}(mj}+NegdGF>@@-(o}8EQVLPB#5@Q1d?K(u z`)wMR#*_Q_1Q5;C3|l@8h@foe&j`3$oc0|1-nSUTvMg)Z@2mfoWtIPTdc)q6PQO1G z_I7(#r~kz242HYCC&>C1gD-m`E--syU3;wZ7Rt9qM_5b^gw)-4@qJ4wS0{G8%|$a1*e!rwfldP@u!|;?rL7x5gCc0B zs{3Zhwz6xnkgcraKoIN|m!Ka0{nO*uXTO{r9>3jtb6A)IcBC^?o=EN*s$V!T=|VTo zqP}i^8gc1<26F?N6_`hRCnvwYJ3d$s%p=VCIc3f&VCL#B1M{v~Zu4xO&9iy##q+-b P00960Z(eh00P+9;vGzys literal 0 HcmV?d00001 diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/Chart.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/Chart.yaml new file mode 100644 index 0000000000..8e281a938d --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/Chart.yaml @@ -0,0 +1,26 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: NeuVector Monitor + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: cattle-neuvector-system + catalog.cattle.io/os: linux + catalog.cattle.io/permit-os: linux + catalog.cattle.io/provides-gvr: neuvector.com/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: neuvector-monitor + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 2.6.0 +apiVersion: v1 +appVersion: 5.2.0 +description: Helm feature chart for NeuVector monitor services +home: https://neuvector.com +icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4 +keywords: +- security +maintainers: +- email: support@neuvector.com + name: becitsthere +name: neuvector-monitor +sources: +- https://github.com/neuvector/neuvector +version: 102.0.3+up2.6.0 diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/README.md b/charts/neuvector-monitor/102.0.3+up2.6.0/README.md new file mode 100644 index 0000000000..5d3c4503e2 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/README.md @@ -0,0 +1,22 @@ +# NeuVector Helm Chart + +Helm chart for NeuVector's monitoring services. + +## Configuration + +The following table lists the configurable parameters of the NeuVector chart and their default values. + +Parameter | Description | Default | Notes +--------- | ----------- | ------- | ----- +`registry` | NeuVector container registry | `registry.neuvector.com` | +`oem` | OEM release name | `nil` | +`leastPrivilege` | Assume monitor chart is always installed after the core chart, so service accounts created by the core chart will be used. Keep this value as same as in the core chart. | `false` | + +`exporter.enabled` | If true, create Prometheus exporter | `false` | +`exporter.image.repository` | exporter image name | `neuvector/prometheus-exporter` | +`exporter.image.tag` | exporter image tag | `latest` | +`exporter.CTRL_USERNAME` | Username to login to the controller. Suggest to replace the default admin user to a read-only user | `admin` | +`exporter.CTRL_PASSWORD` | Passowrd to login to the controller. | `admin` | + +--- + diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/app-readme.md b/charts/neuvector-monitor/102.0.3+up2.6.0/app-readme.md new file mode 100644 index 0000000000..e0faed5b50 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/app-readme.md @@ -0,0 +1,5 @@ +### Run-Time Protection Without Compromise + +NeuVector delivers a complete run-time security solution with container process/file system protection and vulnerability scanning combined with the only true Layer 7 container firewall. Protect sensitive data with a complete container security platform. + +Helm chart for NeuVector's monitoring services. Please make sure REST API service for controller in core chart is enabled. diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/dashboards/nv_dashboard.json b/charts/neuvector-monitor/102.0.3+up2.6.0/dashboards/nv_dashboard.json new file mode 100644 index 0000000000..ad7ce631be --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/dashboards/nv_dashboard.json @@ -0,0 +1,1828 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "gridPos": { + "h": 10, + "w": 3, + "x": 0, + "y": 0 + }, + "id": 38, + "options": { + "content": "
\n \n ![NeuVector Logo](https://avatars.githubusercontent.com/u/19367275?s=200&v=4)
\n
\n [Documentation](https://open-docs.neuvector.com)
\n
\n [Users Slack Channel](https://rancher-users.slack.com/archives/C036F6JDZ8C)
\n
\n [GitHub](https://github.com/neuvector)\n\n
", + "mode": "markdown" + }, + "pluginVersion": "9.1.5", + "title": "NeuVector Product Links", + "type": "text" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 3, + "y": 0 + }, + "id": 25, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "mean" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_enforcers", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Enforcer Replica Count", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 3, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 6, + "y": 0 + }, + "id": 8, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_cvedbVersion", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "CVE Database Version", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 0, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 9, + "y": 0 + }, + "id": 20, + "links": [], + "maxDataPoints": 1000, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_pods", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Discovered Pod Count", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 34, + "links": [], + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": true, + "expr": "max(nv_controller_cpu) by (display)\n", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "range": true, + "refId": "A" + } + ], + "title": "Controller CPU Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 3, + "y": 3 + }, + "id": 32, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "center", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_admission_denied", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + } + ], + "title": "Denied Admissions", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "continuous-RdYlGr" + }, + "mappings": [ + { + "options": { + "1": { + "color": "light-orange", + "index": 1 + }, + "2": { + "color": "yellow", + "index": 2 + }, + "3": { + "color": "green", + "index": 3 + } + }, + "type": "value" + }, + { + "options": { + "match": "null", + "result": { + "index": 0, + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "red", + "value": null + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 6, + "y": 3 + }, + "id": 2, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "mean" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_controllers", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Controller Replicas", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 0, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 9, + "y": 3 + }, + "id": 19, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "background", + "graphMode": "none", + "justifyMode": "center", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "value" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_disconnectedEnforcers", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Disconnected Enforcers", + "type": "stat" + }, + { + "columns": [ + { + "text": "Current", + "value": "current" + } + ], + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "center", + "displayMode": "auto", + "filterable": false, + "inspect": false, + "width": 300 + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "string" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "log" + }, + "properties": [ + { + "id": "custom.width", + "value": 101 + }, + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "color", + "value": { + "fixedColor": "light-orange", + "mode": "fixed" + } + }, + { + "id": "displayName", + "value": "Event Type" + }, + { + "id": "custom.filterable", + "value": true + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "name" + }, + "properties": [ + { + "id": "custom.filterable", + "value": true + }, + { + "id": "displayName", + "value": "Violation Type" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Last seen" + }, + "properties": [ + { + "id": "unit", + "value": "dateTimeAsIso" + }, + { + "id": "custom.width", + "value": 200 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "fromname" + }, + "properties": [ + { + "id": "displayName", + "value": "Source Pod" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "toname" + }, + "properties": [ + { + "id": "displayName", + "value": "Destination Pod" + } + ] + } + ] + }, + "fontSize": "90%", + "gridPos": { + "h": 8, + "w": 9, + "x": 3, + "y": 6 + }, + "id": 29, + "links": [], + "options": { + "footer": { + "enablePagination": true, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "Last seen" + } + ] + }, + "pluginVersion": "9.1.5", + "scroll": true, + "showHeader": true, + "sort": { + "col": 1, + "desc": true + }, + "styles": [ + { + "alias": "Event", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm", + "decimals": 2, + "link": false, + "mappingType": 1, + "pattern": "Metric", + "preserveFormat": false, + "sanitize": true, + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "Time", + "colorMode": "value", + "colors": [ + "#E0B400", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "decimals": 0, + "pattern": "Current", + "thresholds": [], + "type": "number", + "unit": "dateTimeAsIso" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": false, + "expr": "nv_log_events", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "range": false, + "refId": "A" + } + ], + "title": "Security Event Log", + "transform": "timeseries_aggregations", + "transformations": [ + { + "id": "labelsToFields", + "options": {} + }, + { + "id": "merge", + "options": {} + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true, + "endpoint": true, + "fromns": true, + "id": true, + "instance": true, + "job": true, + "namespace": true, + "pod": true, + "service": true, + "target": true, + "tons": true + }, + "indexByName": { + "Time": 0, + "Value": 14, + "endpoint": 1, + "fromname": 7, + "fromns": 15, + "id": 2, + "instance": 3, + "job": 4, + "log": 5, + "name": 6, + "namespace": 8, + "pod": 9, + "service": 10, + "target": 11, + "toname": 12, + "tons": 13 + }, + "renameByName": {} + } + }, + { + "id": "groupBy", + "options": { + "fields": { + "Value": { + "aggregations": [ + "max" + ], + "operation": "aggregate" + }, + "fromname": { + "aggregations": [], + "operation": "groupby" + }, + "log": { + "aggregations": [], + "operation": "groupby" + }, + "name": { + "aggregations": [], + "operation": "groupby" + }, + "toname": { + "aggregations": [], + "operation": "groupby" + } + } + } + }, + { + "id": "organize", + "options": { + "excludeByName": {}, + "indexByName": {}, + "renameByName": { + "Value (lastNotNull)": "Last seen", + "Value (max)": "Last seen" + } + } + } + ], + "type": "table" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "left", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 6 + }, + "id": 12, + "links": [], + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": true, + "expr": "max(nv_controller_memory) by (display)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "range": true, + "refId": "A" + } + ], + "title": "Controller Memory Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + } + }, + "mappings": [], + "unit": "none" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "Value #A" + }, + "properties": [ + { + "id": "displayName", + "value": "High" + }, + { + "id": "color", + "value": { + "fixedColor": "red", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #B" + }, + "properties": [ + { + "id": "displayName", + "value": "Medium" + }, + { + "id": "color", + "value": { + "fixedColor": "light-orange", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 14, + "w": 3, + "x": 0, + "y": 10 + }, + "id": 24, + "links": [], + "options": { + "displayLabels": [ + "value" + ], + "legend": { + "displayMode": "list", + "placement": "bottom", + "showLegend": true, + "values": [] + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "tooltip": { + "mode": "none", + "sort": "none" + } + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_container_vulnerabilityHigh) by (service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_container_vulnerabilityMedium) by (service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "B" + } + ], + "title": "Cluster CVE Count", + "transformations": [ + { + "id": "merge", + "options": { + "reducers": [] + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true + }, + "indexByName": {}, + "renameByName": {} + } + } + ], + "type": "piechart" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 12 + }, + "hiddenSeries": false, + "id": 10, + "legend": { + "avg": false, + "current": false, + "hideEmpty": true, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "max(nv_enforcer_cpu) by (display)\n", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Enforcer CPU Usage", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:865", + "format": "percentunit", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:866", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "center", + "displayMode": "auto", + "inspect": false, + "width": 101 + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "exported_service" + }, + "properties": [ + { + "id": "custom.filterable", + "value": true + }, + { + "id": "displayName", + "value": "Cluster Service Name" + }, + { + "id": "custom.inspect", + "value": true + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #A" + }, + "properties": [ + { + "id": "displayName", + "value": "High" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + } + }, + { + "id": "custom.displayMode", + "value": "color-text" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #B" + }, + "properties": [ + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "displayName", + "value": "Medium" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "light-orange", + "value": 1 + } + ] + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "exported_service" + }, + "properties": [ + { + "id": "custom.width", + "value": 300 + }, + { + "id": "custom.align", + "value": "right" + }, + { + "id": "displayName", + "value": "Cluster Service Name" + } + ] + } + ] + }, + "gridPos": { + "h": 10, + "w": 4, + "x": 3, + "y": 14 + }, + "id": 36, + "links": [], + "options": { + "footer": { + "enablePagination": true, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [] + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(nv_container_vulnerabilityHigh) by (exported_service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(nv_container_vulnerabilityMedium) by (exported_service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "B" + } + ], + "title": "Vulnerabilities by Service", + "transformations": [ + { + "id": "merge", + "options": { + "reducers": [] + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true + }, + "indexByName": {}, + "renameByName": {} + } + } + ], + "type": "table" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "center", + "displayMode": "auto", + "filterable": false, + "inspect": false, + "minWidth": 50 + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "name" + }, + "properties": [ + { + "id": "unit", + "value": "string" + }, + { + "id": "custom.align", + "value": "right" + }, + { + "id": "custom.inspect", + "value": true + }, + { + "id": "custom.filterable", + "value": true + }, + { + "id": "displayName", + "value": "Repository/Image: Tag" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #A" + }, + "properties": [ + { + "id": "displayName", + "value": "High" + }, + { + "id": "unit", + "value": "none" + }, + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "color" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #B" + }, + "properties": [ + { + "id": "displayName", + "value": "Medium" + }, + { + "id": "unit", + "value": "none" + }, + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "light-orange", + "value": 1 + } + ] + } + }, + { + "id": "color" + } + ] + } + ] + }, + "gridPos": { + "h": 10, + "w": 5, + "x": 7, + "y": 14 + }, + "id": 33, + "links": [], + "options": { + "footer": { + "enablePagination": true, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_image_vulnerabilityHigh) by (name)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_image_vulnerabilityMedium) by (name)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "B" + } + ], + "title": "Registry Images Vulnerabilities", + "transformations": [ + { + "id": "merge", + "options": { + "reducers": [] + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true + }, + "indexByName": {}, + "renameByName": {} + } + } + ], + "type": "table" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 18 + }, + "hiddenSeries": false, + "id": 35, + "legend": { + "avg": false, + "current": false, + "hideEmpty": true, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "max(nv_enforcer_memory) by (display)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Enforcer Memory Usage", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:940", + "format": "bytes", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:941", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + } + ], + "refresh": "15s", + "schemaVersion": 37, + "style": "dark", + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-5m", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "5s", + "10s", + "15s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "UTC", + "title": "NeuVector", + "uid": "nv_dashboard0001", + "version": 2, + "weekStart": "" +} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/questions.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/questions.yaml new file mode 100644 index 0000000000..b8d51b3791 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/questions.yaml @@ -0,0 +1,27 @@ +questions: +#monitor configurations +- variable: exporter.image.repository + default: "neuvector/prometheus-exporter" + description: exporter image repository + type: string + label: Exporter Image Path + group: "Container Images" +- variable: exporter.image.tag + default: "" + description: image tag for exporter + type: string + label: exporter Image Tag + group: "Container Images" +#controller crendential configuration +- variable: exporter.CTRL_USERNAME + default: "admin" + description: Controller Username + type: string + label: Controller Username + group: "Controller Crendential" +- variable: exporter.CTRL_PASSWORD + default: "admin" + description: Controller Password + type: string + label: Controller Password + group: "Controller Crendential" diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/templates/_helpers.tpl b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/_helpers.tpl new file mode 100644 index 0000000000..5d21a18241 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/_helpers.tpl @@ -0,0 +1,40 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "neuvector.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "neuvector.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "neuvector.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/templates/dashboard.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/dashboard.yaml new file mode 100644 index 0000000000..72c5d9f709 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/dashboard.yaml @@ -0,0 +1,15 @@ +{{- if .Values.exporter.grafanaDashboard.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: nv-grafana-dashboard + namespace: {{ .Values.exporter.grafanaDashboard.namespace | default .Release.Namespace }} + labels: + grafana_dashboard: "1" +{{- if .Values.exporter.grafanaDashboard.labels }} + {{- toYaml .Values.exporter.grafanaDashboard.labels | nindent 4}} +{{- end }} +data: + nv_dashboard.json: | +{{ .Files.Get "dashboards/nv_dashboard.json" | indent 4 }} +{{- end }} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-deployment.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-deployment.yaml new file mode 100644 index 0000000000..5353c05a6a --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-deployment.yaml @@ -0,0 +1,56 @@ +{{- if .Values.exporter.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: neuvector-prometheus-exporter-pod + namespace: {{ .Release.Namespace }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + selector: + matchLabels: + app: neuvector-prometheus-exporter-pod + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8068" + prometheus.io/scrape: "true" + checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + labels: + app: neuvector-prometheus-exporter-pod + release: {{ .Release.Name }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.imagePullSecrets }} + {{- end }} + {{- if .Values.leastPrivilege }} + serviceAccountName: basic + serviceAccount: basic + {{- end }} + containers: + - name: neuvector-prometheus-exporter-pod + {{ if eq .Values.registry "registry.neuvector.com" }} + {{ if .Values.oem }} + image: "{{ .Values.registry }}/{{ .Values.oem }}/prometheus-exporter:{{ .Values.exporter.image.tag }}" + {{- else }} + image: "{{ .Values.registry }}/prometheus-exporter:{{ .Values.exporter.image.tag }}" + {{- end }} + {{- else }} + image: {{ template "system_default_registry" . }}{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }} + {{- end }} + imagePullPolicy: Always + env: + - name: CTRL_API_SERVICE + value: {{ .Values.exporter.apiSvc }} + - name: EXPORTER_PORT + value: "8068" + envFrom: + - secretRef: + name: neuvector-prometheus-exporter-pod-secret + restartPolicy: Always +{{- end }} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-service.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-service.yaml new file mode 100644 index 0000000000..b304562709 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-service.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.exporter.enabled .Values.exporter.svc.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: neuvector-prometheus-exporter + namespace: {{ .Release.Namespace }} + {{- with .Values.exporter.svc.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + app: neuvector-prometheus-exporter +spec: + type: {{ .Values.exporter.svc.type }} + {{- if and .Values.exporter.svc.loadBalancerIP (eq .Values.exporter.svc.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.exporter.svc.loadBalancerIP }} + {{- end }} + ports: + - port: 8068 + name: metrics + targetPort: 8068 + protocol: TCP + selector: + app: neuvector-prometheus-exporter-pod +{{- end }} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-servicemonitor.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-servicemonitor.yaml new file mode 100644 index 0000000000..25ca23d121 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/exporter-servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- if .Values.exporter.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: neuvector-prometheus-exporter + namespace: {{ .Release.Namespace }} + {{- with .Values.exporter.serviceMonitor.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.exporter.serviceMonitor.labels }} + {{- toYaml .Values.exporter.serviceMonitor.labels | nindent 4}} +{{- end }} +spec: + selector: + matchLabels: + app: neuvector-prometheus-exporter + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: metrics + {{- if .Values.exporter.serviceMonitor.interval }} + interval: {{ .Values.exporter.serviceMonitor.interval }} + {{- end }} + path: "/metrics" + {{- if .Values.exporter.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml .Values.exporter.serviceMonitor.metricRelabelings | nindent 6 }} + {{- end }} + {{- if .Values.exporter.serviceMonitor.relabelings }} + relabelings: + {{- toYaml .Values.exporter.serviceMonitor.relabelings | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/templates/secret.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/secret.yaml new file mode 100644 index 0000000000..9a04ac476d --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/templates/secret.yaml @@ -0,0 +1,15 @@ +{{- if .Values.exporter.enabled -}} +apiVersion: v1 +kind: Secret +metadata: + name: neuvector-prometheus-exporter-pod-secret + namespace: {{ .Release.Namespace }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + CTRL_USERNAME: {{ .Values.exporter.CTRL_USERNAME | b64enc | quote }} + CTRL_PASSWORD: {{ .Values.exporter.CTRL_PASSWORD | b64enc | quote }} +{{- end }} diff --git a/charts/neuvector-monitor/102.0.3+up2.6.0/values.yaml b/charts/neuvector-monitor/102.0.3+up2.6.0/values.yaml new file mode 100644 index 0000000000..5f9050b639 --- /dev/null +++ b/charts/neuvector-monitor/102.0.3+up2.6.0/values.yaml @@ -0,0 +1,51 @@ +# Default values for neuvector. +# This is a YAML-formatted file. +# Declare variables to be passed into the templates. + +global: + cattle: + systemDefaultRegistry: "" + +registry: docker.io +oem: '' +leastPrivilege: false + +exporter: + # If false, exporter will not be installed + enabled: true + image: + repository: rancher/mirrored-neuvector-prometheus-exporter + tag: 5.2.0 + # changes this to a readonly user ! + CTRL_USERNAME: admin + CTRL_PASSWORD: admin + + apiSvc: neuvector-svc-controller-api:10443 + + svc: + enabled: true + type: ClusterIP + loadBalancerIP: '' + annotations: {} + # service.beta.kubernetes.io/azure-load-balancer-internal: "true" + # service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "apps-subnet" + + grafanaDashboard: + enabled: false + namespace: "" # Release namespace, if empty + labels: {} + + serviceMonitor: + enabled: false + # labels for the ServiceMonitor. + labels: {} + # annotations for the ServiceMonitor. + annotations: {} + # Scrape interval. If not set, the Prometheus default scrape interval is used. + interval: "" + # MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + # ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + metricRelabelings: [] + # RelabelConfigs to apply to samples before scraping + # ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + relabelings: [] diff --git a/index.yaml b/index.yaml index 957006843b..754f7e93bf 100755 --- a/index.yaml +++ b/index.yaml @@ -4297,6 +4297,37 @@ entries: urls: - assets/neuvector-crd/neuvector-crd-100.0.0+up2.2.0.tgz version: 100.0.0+up2.2.0 + neuvector-monitor: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: NeuVector Monitor + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: cattle-neuvector-system + catalog.cattle.io/os: linux + catalog.cattle.io/permit-os: linux + catalog.cattle.io/provides-gvr: neuvector.com/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: neuvector-monitor + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 2.6.0 + apiVersion: v1 + appVersion: 5.2.0 + created: "2023-07-20T20:05:48.905921486-07:00" + description: Helm feature chart for NeuVector monitor services + digest: bae9814a94e38e5a2b459c7686d1b12854d99fc11ea5523dbfa89a3b34e7ce28 + home: https://neuvector.com + icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4 + keywords: + - security + maintainers: + - email: support@neuvector.com + name: becitsthere + name: neuvector-monitor + sources: + - https://github.com/neuvector/neuvector + urls: + - assets/neuvector-monitor/neuvector-monitor-102.0.3+up2.6.0.tgz + version: 102.0.3+up2.6.0 prometheus-federator: - annotations: catalog.cattle.io/certified: rancher