From 87bb38a6202e754d659f2fba6e80b146786408bc Mon Sep 17 00:00:00 2001 From: selvamt94 Date: Thu, 19 Oct 2023 11:44:23 -0700 Subject: [PATCH] make chart --- .../neuvector-monitor-103.0.0+up2.6.4.tgz | Bin 0 -> 7800 bytes .../103.0.0+up2.6.4/Chart.yaml | 26 + .../103.0.0+up2.6.4/README.md | 21 + .../103.0.0+up2.6.4/app-readme.md | 5 + .../dashboards/nv_dashboard.json | 1828 +++++++++++++++++ .../103.0.0+up2.6.4/questions.yaml | 27 + .../103.0.0+up2.6.4/templates/_helpers.tpl | 40 + .../103.0.0+up2.6.4/templates/dashboard.yaml | 15 + .../templates/exporter-deployment.yaml | 56 + .../templates/exporter-service.yaml | 28 + .../templates/exporter-servicemonitor.yaml | 39 + .../103.0.0+up2.6.4/templates/secret.yaml | 15 + .../103.0.0+up2.6.4/values.yaml | 51 + index.yaml | 30 + 14 files changed, 2181 insertions(+) create mode 100644 assets/neuvector-monitor/neuvector-monitor-103.0.0+up2.6.4.tgz create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/Chart.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/README.md create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/app-readme.md create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/dashboards/nv_dashboard.json create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/questions.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/templates/_helpers.tpl create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/templates/dashboard.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-deployment.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-service.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-servicemonitor.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/templates/secret.yaml create mode 100644 charts/neuvector-monitor/103.0.0+up2.6.4/values.yaml diff --git a/assets/neuvector-monitor/neuvector-monitor-103.0.0+up2.6.4.tgz b/assets/neuvector-monitor/neuvector-monitor-103.0.0+up2.6.4.tgz new file mode 100644 index 0000000000000000000000000000000000000000..a7c413ed8826129faf47657a94843e3997f271c9 GIT binary patch literal 7800 zcmV-;9*5x{iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBfbKAI2-VCZ|NlNn2zxz(UBy0{e8_cCipXvbV1R=Ru5Np$-Lr5+-Y0LS9ScWM z`nBKgw!1Cfu{_`|Bau*Ve+EB5BfuhNfLtj((1@}e4H#e%2R0=xaBD*4Y$ifPe6Y1u zK%zxl*=JIQr&wUdyX`R%lXw_&U@i>>ghF9F-s-&A-r4Q$_Wuw6vFkYhIsLI`eTLaN zWgZ_`EyTf%84)upz$6ryguv8$2r%&nh{sVxnfSj&5D?Pn9)e2*7ZYG$H7x+AF>^un znZT?;Rq&XU&A2UEx%m^O( zz>%P62q?mwgNH~cC=wGu0)oiL0(jf9#y%Zl-)J1+gZzY$7TpG*V;B=I*ld7o+p<{t z&7@*bTN-$x-8 z5?B&)fqfr53n2*QG`s;4ECvf965z3ckU>PbWRqE{4z~ir7-it)bWp@-0Ad0$ZzZFt z<^qq66jd;}6C92uz9fnTMHn%_9u55&l9CSnhlSAo>GA8cUrr8>-|oFR93bokBuri( z?VX(b`tJB3d2JztBXTlz^OA~B-IkP@jQT#X7LLfE)si^szd!~oeiin#e^%W01p9^nulU_KdA%)Al~H2ug|IXlC)(FQu! z>NtD9iO2{+5Q&*a5FUcBksz_F;Wj2v;~*QRnPNT3C?|z>?Q+k$O%CaE8`dq(20C#W zjwIC!U{mb3C3{Ft;2<_tS4SxYBhLs3UTh;}Ld?O_!z6DNx9Tz8fMCQu1_k;)4M$|G zsXU7Onf$HG{7t|H#3i9a(6WgR)Rm3 z|5g2;is`Mh3HT8(-WJidOo2uEf4ko=>3?a_t@ZzHJYT+S{TG^&U?5pvsdOp$e+(pA z+zAZOe{Ee}TC$dPcoE^yQ_?}oKSW3Bv$FWxmZ{g0;(~;L?97OewQbbO%9S{2>p;U> z*;V_!Haca^cT-@Dc!0i2WfZz-XIp(F!AU$CkqczEvd$p%)MpLhJ_9TO;dG2q?E5qH zXN-O2!bhiM zci#Ftw@bb0aaWvh+{_8va- z^uL$b$JY!7EYSbXZm(O`|NWibTL0h1Q)1o3TWyzJq_%Nf(B)-0Lim}4-T-MM_zjM% z00j21z=Jf97EW8Hzg9|9R>8aa@?{AS()#FYrfu@#To+zSC&&0p%J?-Mouy+BklnG% zQmc7f;B=PAT{%@eS^09tT?-Tm~BRBy|1Q1N2l`Z|HCB zQ!|P7OU&U2iwUw#eI+pLXQ++7B0j<0{tl0W1o_34T?uXaS-8B(>S?i^BXkwhJ&Jw* zM1jdOkjf<)a4kdFIc3$cJirR*gdl|7_#5Zp)6HxDF6amTlJ^cSi?~YFo zkI&@4`c6v{PXYN8qd^%^Ev$}VG${46v@&byE=+R<(yS0ATrF*t-QKg5{g-UOT+t0& zl>gJ)?Un7nPH&z6b1RS0OgQwKZNO>?pSq0}Vrm>3BWhL4aA~Vhf__fKq#nHd{+Oy> zF{Px8HGW*)LCZQ%W#C=fpJ*woC^b{{wr!m(l}M4L+5DQ;UDhma^`fUa3!vJg{W@3M zerAwX+AMB@sWeg*`?9Vn!jh}DeBiRaVPn`b(Kg>843b~ulWKQrrIX%T^N0XKFQOzYtBRs#SQ2q* zj!PC5Nb_52_1L236_-j!ZR{j$W3L8ZB`GEAxSFq$dNeB#Ky`qO7Ix-LYf1Q79pvnq zFtZh)ePmkv>d!p=pNrsKYm9~af0gqeyPdAH*8jKhtQ!B%sdg3axI)-Ji z@V*(1EsFnC^Z$F@UU$v^xAAP`&grOwJSv08vef6A!#qFmoXww}=xJNl#)e4&h?%md zE$egwXheOVp3AC2$`j-hF1Sv9N-E3O5oS050gNYEg&9;D2$Ok8Si19X&Z$_|QPLQF zMF-izB=t>K{fgdF0o-aO5BiE)t(tGiC+kxZWd9@^XRsu@Dk$9^_=-N&Z-jh8U#(9R z3B>wTU=Q)&*g` zQ^b+0^3t-*v$T34@34*j4G`&sMulF4IpQjdO%7XXDjlRxDve#uqpUjQOkR!Dfr3pl zem<)_J%v%<9l$2HvvJeIvF(?=AW6{NXr`U?l9h8Gn1 zbSzOr6RI``E!yZL9*=Bjb~$H10Ba<>y!kFJq5T* zc>YSngvJ8x(?D_+;b2*r9Q42^Qz@-6a%m9xAONvAYzf&*a^@0o>c^@x6`RRqXT+!r zoNtYY59Z95ip`p#RmN=WhrsZV_^KlphoMv=E)9kx1W)%U$y_mvlriWvo&iI z!8!K*b}})>4mDIjUf>0WYE$eN~ekT&LsvY@@PN<>Fm-Us+IARaS7$A>4UXz%D% zDxOD1rD#5t5;iB82~Q3SwQtZzt@8i8G_$LXF_-^4-EO~M^8dO{ud_b?c`MHs3n4of z1+@q0i*k)@X{y-+^ji`_dzbfWA*p~hyuJSLtj zHp!FOZvADhcg+g6KA@O;KOtVtTjJ7ipZb)^e%W}4pE{eU+v#kgZoj{YI?r+d*y{Ae z0NH!F;P8K@g$W5#_}$Cu#|Dy+{bRbKftL37PM5VVp|e zYUu6f>313xxk9}(HxNi5|KX7-;$r5*kH6ajE<_9aWE>7$2nDd;?SK9rA|(I*c~~We$dAV)G~p>(^+mhW?x%g&f(XR`c82~VM!nb-=(Qs3 ztfnDKxr%xmGs@EBoVg!0qfYe_v|qC{eoCG6&Uc?FH6k~brRWfb+-2GO8I5! z&1Jd!6!Sa+mteoxMZS4S&}R5)#33Fk^A$>Svblh$inJ=)a;szy{kYtZs-S#qdw?YF z%5yDz|Jb;Uaj3M99nui$)de-@?z9YFUYc$%5T@J93Da&r{a(~08r%5d01JGiHtvdA zv`O~*l)W))r16)7Ln*MNRG}nS_(#kI8O@Sn91EH+ri>&KR2EMtBY#PMAWzjc121;r zT`fo0F819jY1jea&~BtfeWp~7STu@sc+1XT6i{AS!#rQg?+P@bGV`zam#%NLE<%gbUn3`VaMMsfl$Vg8R*HFjtw ziH`Mo1hh}%P*k-T7x;V7Vjj38z{>XAUaPmH+2d1hd_tMHUH!JRoPK-$y{k7LbMcmn zw~|5DTF%tCIW6Z-!5b#?dc=xu|NSA7yfefcP&(y=3Xr6#yKnM zxwWEOE4phbx`=v@+LJpV+?7lX9y+4lBlhDW?1K={a(&D>ahnOmjk%yfwIh5%_`V9L zgZDqcXx)}dQY|l56hqZiQYq>cGBAZlK6W86;r)_qQI&?6?fGOJnmSIY*kkzoM9lOW z`y{NWo)Pi=cM*1pnAJ2NGwezE)gb&-oeA;aCsu>0lvwLAB#9&4+^H|0lD{f43RRW1 zn%FD3A`$gdQ7d0!R)$u-{grrXo2gSOQwjSg0U@nA0ef_3}+D^$(>vT(&TH(dK z?aSUgQ?1q-OQlA=9aJP4bJc$$p;Vqgp+b}wp+hR9P%l)FocKB!GQDxQjL1w@6`)G@ z1Y=*2QoquA9!N#S-Kq|LkT#P?M5fSO`F~}bD!>;{!|7R;XmsXA@iR1>p{HgkpZ$K7 zP{KDerwkModkTl+YHr6BA_-ZB)&9{h=ogO1P_ykz0xzKqt(67tIB(N6{E+=#5K}bscc3@T@$HlGM6{^3cB*n*(SZjSHIlqWPatG>7mhds z->2vE$LcOM*7m}&nzUbTsO@X$el4f1IhAkKqDiLY)K2*Ouy+=iBM&myt(*(cV3FKc zgJhlR_DJlIGzlPeX&?0#NzQXO>28nHELo=jJP_Ts_T{geUeKU9J1=fdbq=xndCX`W zdTWP%p&~69)Zc+7^$2%q7=kOnJNzCJ$PaQ8M%5WFp;le$$3Zw}trK0aA2SA_sG(8C zRHk$e(2q)iH)c2ZWE|E?84Xc!x2-NCVMKfZ%$)SB+qNd5)T^SQ^xSODZ#zyS@DF?g zc||qJ1tZ~j2}Nl&!K}?GsFF;g@a*C2Ee@&ypPW9keL9|>ED$jo0TZMGOckKq$eIw_ zdfDe08&1XCSi+PkjFBhaIV0)SZDl7fuQa5hkU68&+N~pU0p9-dvABe!Rl6%#x{cr) zRMiqi9#w}^2n9No67agKlam{BMl9^l*Uhq#pKgF9)LH$Teu?t zR^T<}0&yvWZ(tde0G@{x4+}UY0qpTtoL-v&7K*^GbH#L_8$kSs(cq@Ye_5hDQN|cL zq7~71cX$!>uCa0eT#!&R>uRX6%5QTfDoryZ?HA79?ZvM6^O7t6qU4H~x7BwlW9lIG zTvxo--5yaYDywL&Y&pVXgPS_IAr-6#J(j+D4E%zb^o4btqerfFH`6Q`u#h6I>#-4086?oL0CUbl|>=VpW zd!)E{$`Y%IZK#WQy1o7;>i6`Y(|+-+>=fu)+q;{n(|xgtdXB92yrEv-*+iY)?k1AG zI_(#`&zh-2>W<8v{_x?$ht``nt%C#f^Us5zl%bf5wswnNISD`4Ug={zq*Lvh7G3!W z3js_mtNu~^QobYu4s4nMSM8nSkO(aeDm+y1z#6U;G9FF6x6^p&sD8zz{;gT?rk$!e z1hH}GyzDv7?NLBe3_Z6%wLyzzP#ng=u;jj{C~h!YYQi-4Cyus!=4q8&bAdLWj?X~K zi2E5;t4}$t&S=Fb+evbNpmx_@({V1s#&F2x^zB00=@}l68H~*}Y}MN7{cH`Cp_f)) zmVHWp(u%b(hn()dT*&Uay8u|p6TV6>l#OvHrB_o&MJk00_4AT16Kz_t4V46{Q^U&Y z&_4swRIbcu-c(Aw#u7!0ZsWLr&|y>*p%%UWA>KI^JeO)qCla&BtQS7_*cV-U_R z$i1q2hO~8cQ4O|ztZ~YupO;jIpN7t>6M`6frT zn!eqZo?0MR7x8B;&!DHdE#YTH-?CmHqo)DBcs4IqSC5*iHIp2TQ2|j4J>(Rd2Yd+G zhf$@6^&#Z-A>{QTWb{DOxUPK&c{mfm@A~+0L;SciHw$`w{P;m7Q{Bk%;{XE6X2lc8 z-^cmmH)`gO{s{85jjg*dF0P=rR!pnSHNAm-P;L8f?A_%~=+9(4x!Vk$dd+)<#GU0d z^3AQ|%e!31H{g-tMr#cW4=xw0c}cDE+a(O9e9&{LUz_MOU9GqJeJy4k^=~bg2%vl> zGAFVc46Pfms5UDA73|TXkcd4<%-aLZx*1dXpUJmWnSyEx_`zrLBhPCr2UF!`k>;n_0NqDj;SN`4yVq1=48T!5)QDNO->4CBgnYR!+x)ZK?yW8T_)f~8|!n=@Nf{hEc(l7%Lr zN2bJ!vm@P?6@{Ws;${F`;0sdX!t|J3G4rrNxK!PZY|I(Hn3vW1x4%s=pZptUN`DXk z09Op2@AR8UB!3rZai!__CFa#c&>X-Ejfi?!cA8+(S)5mgqC#G?>N+Gx6${e2)(m(s zp~|~Gxw+iI%;G`3N42R|_`cA{zRhr|`N?(fEJ@%h)P1a{&Js`S#QZ|_+se_JD;%>* zsC>oAHPgoC%`W}JkEG{#f6gGaLD&VN!PIIJ5KVBIW=mWPhZcwo{nT7Wx7@%@`vZkx zs~7E|ns_oQk!5|YyErp_*PL@Bdlz?br2MwFOV;e#H1NVrAarAVduL2^iw0HiWb1o4l)L(o z*?SbJT9`()+J0JDLfrml&$Vx&ZU}ljuqDZFygkrGS#AgJeQwqSxSX&NqwB4>+;huY zagX6(#)G~(Eg)fXs-XWJUY=H~&TlbBcT*R?EWC!Od_i38;P=2ZzFq)s)nV>Y9P=0= z%B6;%ZM_Qc7zXGRSJ$hVveyyD1*0rvk?JX<2XTMkm7A|)I86iJe#rH%`T9ZUZa+TG zUbAM?z;_s4y{24V!YI8?oUUJr)9o%Br`!IH;&c@hJfMhNF}y>hjo1`zlU~LHNvFP7 z5w?XW&PUH45R#XRm>t8IaKUCs`5zpWB53QdS?;+%VY7Am`ts@P&ns{&PG8^dXZmrS zzK+)E>q*HveZ5Y1mebcC%FPM4mA~F_pTatYy_h!sqUSVGiM~muxXd?{y#Ausxu?nN zmT4*pSJI>esngeJvAH{e0B0g_dsn|suGjJ~`>bmUoZI8Eg<@}!zo7z#kH+TD-!g`3=Jp($oW`b-04 zl3Z9@x$|w7ZnIeknFIiJt(_sNt;`T=B~5KrmAi~68IbjfRG+BOr&O>5q_F^HZQTeO6hS*x-8VzF zkzI?0TxA`Hf?&V61oiOmpB}$H`{m^D`0d`C!@?Y}C!Lw{L~_?q{lbAs7rJp4^>y>p zFs1t$%nfK(U>@zAoc#Lk_+T|Kk1*%wlzGd5nX9`9%)4f}^|OA~&-%F+&;JGh0RR79 K+m=fJ@&EwA-aaz` literal 0 HcmV?d00001 diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/Chart.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/Chart.yaml new file mode 100644 index 000000000..cf2ad5545 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/Chart.yaml @@ -0,0 +1,26 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: NeuVector Monitor + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: cattle-neuvector-system + catalog.cattle.io/os: linux + catalog.cattle.io/permit-os: linux + catalog.cattle.io/provides-gvr: neuvector.com/v1 + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: neuvector-monitor + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 2.6.4 +apiVersion: v1 +appVersion: 5.2.2-s1 +description: Helm feature chart for NeuVector monitor services +home: https://neuvector.com +icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4 +keywords: +- security +maintainers: +- email: support@neuvector.com + name: becitsthere +name: neuvector-monitor +sources: +- https://github.com/neuvector/neuvector +version: 103.0.0+up2.6.4 diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/README.md b/charts/neuvector-monitor/103.0.0+up2.6.4/README.md new file mode 100644 index 000000000..723b7d2c9 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/README.md @@ -0,0 +1,21 @@ +# NeuVector Helm Chart + +Helm chart for NeuVector's monitoring services. + +## Configuration + +The following table lists the configurable parameters of the NeuVector chart and their default values. + +Parameter | Description | Default | Notes +--------- | ----------- | ------- | ----- +`registry` | NeuVector container registry | `registry.neuvector.com` | +`oem` | OEM release name | `nil` | +`leastPrivilege` | Assume monitor chart is always installed after the core chart, so service accounts created by the core chart will be used. Keep this value as same as in the core chart. | `false` | +`exporter.enabled` | If true, create Prometheus exporter | `false` | +`exporter.image.repository` | exporter image name | `neuvector/prometheus-exporter` | +`exporter.image.tag` | exporter image tag | `latest` | +`exporter.CTRL_USERNAME` | Username to login to the controller. Suggest to replace the default admin user to a read-only user | `admin` | +`exporter.CTRL_PASSWORD` | Password to login to the controller. | `admin` | + +--- + diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/app-readme.md b/charts/neuvector-monitor/103.0.0+up2.6.4/app-readme.md new file mode 100644 index 000000000..e0faed5b5 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/app-readme.md @@ -0,0 +1,5 @@ +### Run-Time Protection Without Compromise + +NeuVector delivers a complete run-time security solution with container process/file system protection and vulnerability scanning combined with the only true Layer 7 container firewall. Protect sensitive data with a complete container security platform. + +Helm chart for NeuVector's monitoring services. Please make sure REST API service for controller in core chart is enabled. diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/dashboards/nv_dashboard.json b/charts/neuvector-monitor/103.0.0+up2.6.4/dashboards/nv_dashboard.json new file mode 100644 index 000000000..ad7ce631b --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/dashboards/nv_dashboard.json @@ -0,0 +1,1828 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "gridPos": { + "h": 10, + "w": 3, + "x": 0, + "y": 0 + }, + "id": 38, + "options": { + "content": "
\n \n ![NeuVector Logo](https://avatars.githubusercontent.com/u/19367275?s=200&v=4)
\n
\n [Documentation](https://open-docs.neuvector.com)
\n
\n [Users Slack Channel](https://rancher-users.slack.com/archives/C036F6JDZ8C)
\n
\n [GitHub](https://github.com/neuvector)\n\n
", + "mode": "markdown" + }, + "pluginVersion": "9.1.5", + "title": "NeuVector Product Links", + "type": "text" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 3, + "y": 0 + }, + "id": 25, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "mean" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_enforcers", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Enforcer Replica Count", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 3, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 6, + "y": 0 + }, + "id": 8, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_cvedbVersion", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "CVE Database Version", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 0, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "blue", + "value": null + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 9, + "y": 0 + }, + "id": 20, + "links": [], + "maxDataPoints": 1000, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_pods", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Discovered Pod Count", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "percentunit" + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 34, + "links": [], + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": true, + "expr": "max(nv_controller_cpu) by (display)\n", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "range": true, + "refId": "A" + } + ], + "title": "Controller CPU Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 3, + "y": 3 + }, + "id": 32, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "center", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_admission_denied", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + } + ], + "title": "Denied Admissions", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "continuous-RdYlGr" + }, + "mappings": [ + { + "options": { + "1": { + "color": "light-orange", + "index": 1 + }, + "2": { + "color": "yellow", + "index": 2 + }, + "3": { + "color": "green", + "index": 3 + } + }, + "type": "value" + }, + { + "options": { + "match": "null", + "result": { + "index": 0, + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "red", + "value": null + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 6, + "y": 3 + }, + "id": 2, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "mean" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_controllers", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Controller Replicas", + "type": "stat" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "decimals": 0, + "mappings": [ + { + "options": { + "match": "null", + "result": { + "text": "N/A" + } + }, + "type": "special" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + }, + "unit": "none" + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 3, + "x": 9, + "y": 3 + }, + "id": 19, + "links": [], + "maxDataPoints": 100, + "options": { + "colorMode": "background", + "graphMode": "none", + "justifyMode": "center", + "orientation": "horizontal", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "value" + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "nv_summary_disconnectedEnforcers", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{target}}", + "refId": "A" + } + ], + "title": "Disconnected Enforcers", + "type": "stat" + }, + { + "columns": [ + { + "text": "Current", + "value": "current" + } + ], + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "center", + "displayMode": "auto", + "filterable": false, + "inspect": false, + "width": 300 + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "string" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "log" + }, + "properties": [ + { + "id": "custom.width", + "value": 101 + }, + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "color", + "value": { + "fixedColor": "light-orange", + "mode": "fixed" + } + }, + { + "id": "displayName", + "value": "Event Type" + }, + { + "id": "custom.filterable", + "value": true + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "name" + }, + "properties": [ + { + "id": "custom.filterable", + "value": true + }, + { + "id": "displayName", + "value": "Violation Type" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Last seen" + }, + "properties": [ + { + "id": "unit", + "value": "dateTimeAsIso" + }, + { + "id": "custom.width", + "value": 200 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "fromname" + }, + "properties": [ + { + "id": "displayName", + "value": "Source Pod" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "toname" + }, + "properties": [ + { + "id": "displayName", + "value": "Destination Pod" + } + ] + } + ] + }, + "fontSize": "90%", + "gridPos": { + "h": 8, + "w": 9, + "x": 3, + "y": 6 + }, + "id": 29, + "links": [], + "options": { + "footer": { + "enablePagination": true, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [ + { + "desc": true, + "displayName": "Last seen" + } + ] + }, + "pluginVersion": "9.1.5", + "scroll": true, + "showHeader": true, + "sort": { + "col": 1, + "desc": true + }, + "styles": [ + { + "alias": "Event", + "colors": [ + "rgba(245, 54, 54, 0.9)", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "dateFormat": "YYYY-MM-DD HH:mm", + "decimals": 2, + "link": false, + "mappingType": 1, + "pattern": "Metric", + "preserveFormat": false, + "sanitize": true, + "thresholds": [], + "type": "string", + "unit": "short" + }, + { + "alias": "Time", + "colorMode": "value", + "colors": [ + "#E0B400", + "rgba(237, 129, 40, 0.89)", + "rgba(50, 172, 45, 0.97)" + ], + "decimals": 0, + "pattern": "Current", + "thresholds": [], + "type": "number", + "unit": "dateTimeAsIso" + } + ], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": false, + "expr": "nv_log_events", + "format": "time_series", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "range": false, + "refId": "A" + } + ], + "title": "Security Event Log", + "transform": "timeseries_aggregations", + "transformations": [ + { + "id": "labelsToFields", + "options": {} + }, + { + "id": "merge", + "options": {} + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true, + "endpoint": true, + "fromns": true, + "id": true, + "instance": true, + "job": true, + "namespace": true, + "pod": true, + "service": true, + "target": true, + "tons": true + }, + "indexByName": { + "Time": 0, + "Value": 14, + "endpoint": 1, + "fromname": 7, + "fromns": 15, + "id": 2, + "instance": 3, + "job": 4, + "log": 5, + "name": 6, + "namespace": 8, + "pod": 9, + "service": 10, + "target": 11, + "toname": 12, + "tons": 13 + }, + "renameByName": {} + } + }, + { + "id": "groupBy", + "options": { + "fields": { + "Value": { + "aggregations": [ + "max" + ], + "operation": "aggregate" + }, + "fromname": { + "aggregations": [], + "operation": "groupby" + }, + "log": { + "aggregations": [], + "operation": "groupby" + }, + "name": { + "aggregations": [], + "operation": "groupby" + }, + "toname": { + "aggregations": [], + "operation": "groupby" + } + } + } + }, + { + "id": "organize", + "options": { + "excludeByName": {}, + "indexByName": {}, + "renameByName": { + "Value (lastNotNull)": "Last seen", + "Value (max)": "Last seen" + } + } + } + ], + "type": "table" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "left", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 6 + }, + "id": 12, + "links": [], + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "exemplar": true, + "expr": "max(nv_controller_memory) by (display)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "range": true, + "refId": "A" + } + ], + "title": "Controller Memory Usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + } + }, + "mappings": [], + "unit": "none" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "Value #A" + }, + "properties": [ + { + "id": "displayName", + "value": "High" + }, + { + "id": "color", + "value": { + "fixedColor": "red", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #B" + }, + "properties": [ + { + "id": "displayName", + "value": "Medium" + }, + { + "id": "color", + "value": { + "fixedColor": "light-orange", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 14, + "w": 3, + "x": 0, + "y": 10 + }, + "id": 24, + "links": [], + "options": { + "displayLabels": [ + "value" + ], + "legend": { + "displayMode": "list", + "placement": "bottom", + "showLegend": true, + "values": [] + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "tooltip": { + "mode": "none", + "sort": "none" + } + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_container_vulnerabilityHigh) by (service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_container_vulnerabilityMedium) by (service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "B" + } + ], + "title": "Cluster CVE Count", + "transformations": [ + { + "id": "merge", + "options": { + "reducers": [] + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true + }, + "indexByName": {}, + "renameByName": {} + } + } + ], + "type": "piechart" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 12 + }, + "hiddenSeries": false, + "id": 10, + "legend": { + "avg": false, + "current": false, + "hideEmpty": true, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "max(nv_enforcer_cpu) by (display)\n", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Enforcer CPU Usage", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:865", + "format": "percentunit", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:866", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "center", + "displayMode": "auto", + "inspect": false, + "width": 101 + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "exported_service" + }, + "properties": [ + { + "id": "custom.filterable", + "value": true + }, + { + "id": "displayName", + "value": "Cluster Service Name" + }, + { + "id": "custom.inspect", + "value": true + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #A" + }, + "properties": [ + { + "id": "displayName", + "value": "High" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + } + }, + { + "id": "custom.displayMode", + "value": "color-text" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #B" + }, + "properties": [ + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "displayName", + "value": "Medium" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "light-orange", + "value": 1 + } + ] + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "exported_service" + }, + "properties": [ + { + "id": "custom.width", + "value": 300 + }, + { + "id": "custom.align", + "value": "right" + }, + { + "id": "displayName", + "value": "Cluster Service Name" + } + ] + } + ] + }, + "gridPos": { + "h": 10, + "w": 4, + "x": 3, + "y": 14 + }, + "id": 36, + "links": [], + "options": { + "footer": { + "enablePagination": true, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true, + "sortBy": [] + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(nv_container_vulnerabilityHigh) by (exported_service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "editorMode": "code", + "expr": "sum(nv_container_vulnerabilityMedium) by (exported_service)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 1, + "legendFormat": "", + "refId": "B" + } + ], + "title": "Vulnerabilities by Service", + "transformations": [ + { + "id": "merge", + "options": { + "reducers": [] + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true + }, + "indexByName": {}, + "renameByName": {} + } + } + ], + "type": "table" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "custom": { + "align": "center", + "displayMode": "auto", + "filterable": false, + "inspect": false, + "minWidth": 50 + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "name" + }, + "properties": [ + { + "id": "unit", + "value": "string" + }, + { + "id": "custom.align", + "value": "right" + }, + { + "id": "custom.inspect", + "value": true + }, + { + "id": "custom.filterable", + "value": true + }, + { + "id": "displayName", + "value": "Repository/Image: Tag" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #A" + }, + "properties": [ + { + "id": "displayName", + "value": "High" + }, + { + "id": "unit", + "value": "none" + }, + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "color" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 1 + } + ] + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Value #B" + }, + "properties": [ + { + "id": "displayName", + "value": "Medium" + }, + { + "id": "unit", + "value": "none" + }, + { + "id": "custom.displayMode", + "value": "color-text" + }, + { + "id": "thresholds", + "value": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "light-orange", + "value": 1 + } + ] + } + }, + { + "id": "color" + } + ] + } + ] + }, + "gridPos": { + "h": 10, + "w": 5, + "x": 7, + "y": 14 + }, + "id": 33, + "links": [], + "options": { + "footer": { + "enablePagination": true, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "9.1.5", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_image_vulnerabilityHigh) by (name)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "expr": "sum(nv_image_vulnerabilityMedium) by (name)", + "format": "table", + "instant": true, + "interval": "", + "intervalFactor": 2, + "legendFormat": "", + "refId": "B" + } + ], + "title": "Registry Images Vulnerabilities", + "transformations": [ + { + "id": "merge", + "options": { + "reducers": [] + } + }, + { + "id": "organize", + "options": { + "excludeByName": { + "Time": true + }, + "indexByName": {}, + "renameByName": {} + } + } + ], + "type": "table" + }, + { + "aliasColors": {}, + "bars": false, + "dashLength": 10, + "dashes": false, + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "fill": 0, + "fillGradient": 0, + "gridPos": { + "h": 6, + "w": 12, + "x": 12, + "y": 18 + }, + "hiddenSeries": false, + "id": 35, + "legend": { + "avg": false, + "current": false, + "hideEmpty": true, + "hideZero": true, + "max": false, + "min": false, + "show": true, + "total": false, + "values": false + }, + "lines": true, + "linewidth": 1, + "links": [], + "nullPointMode": "null", + "options": { + "alertThreshold": true + }, + "percentage": false, + "pluginVersion": "9.1.5", + "pointradius": 2, + "points": false, + "renderer": "flot", + "seriesOverrides": [], + "spaceLength": 10, + "stack": false, + "steppedLine": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "exemplar": true, + "expr": "max(nv_enforcer_memory) by (display)", + "format": "time_series", + "interval": "", + "intervalFactor": 1, + "legendFormat": "{{display}}", + "refId": "A" + } + ], + "thresholds": [], + "timeRegions": [], + "title": "Enforcer Memory Usage", + "tooltip": { + "shared": true, + "sort": 2, + "value_type": "individual" + }, + "type": "graph", + "xaxis": { + "mode": "time", + "show": true, + "values": [] + }, + "yaxes": [ + { + "$$hashKey": "object:940", + "format": "bytes", + "logBase": 1, + "show": true + }, + { + "$$hashKey": "object:941", + "format": "short", + "logBase": 1, + "show": true + } + ], + "yaxis": { + "align": false + } + } + ], + "refresh": "15s", + "schemaVersion": 37, + "style": "dark", + "tags": [], + "templating": { + "list": [] + }, + "time": { + "from": "now-5m", + "to": "now" + }, + "timepicker": { + "hidden": false, + "refresh_intervals": [ + "5s", + "10s", + "15s", + "30s", + "1m", + "5m", + "15m", + "30m", + "1h" + ], + "time_options": [ + "5m", + "15m", + "1h", + "6h", + "12h", + "24h", + "2d", + "7d", + "30d" + ] + }, + "timezone": "UTC", + "title": "NeuVector", + "uid": "nv_dashboard0001", + "version": 2, + "weekStart": "" +} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/questions.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/questions.yaml new file mode 100644 index 000000000..b8d51b379 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/questions.yaml @@ -0,0 +1,27 @@ +questions: +#monitor configurations +- variable: exporter.image.repository + default: "neuvector/prometheus-exporter" + description: exporter image repository + type: string + label: Exporter Image Path + group: "Container Images" +- variable: exporter.image.tag + default: "" + description: image tag for exporter + type: string + label: exporter Image Tag + group: "Container Images" +#controller crendential configuration +- variable: exporter.CTRL_USERNAME + default: "admin" + description: Controller Username + type: string + label: Controller Username + group: "Controller Crendential" +- variable: exporter.CTRL_PASSWORD + default: "admin" + description: Controller Password + type: string + label: Controller Password + group: "Controller Crendential" diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/templates/_helpers.tpl b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/_helpers.tpl new file mode 100644 index 000000000..5d21a1824 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/_helpers.tpl @@ -0,0 +1,40 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "neuvector.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "neuvector.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "neuvector.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/templates/dashboard.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/dashboard.yaml new file mode 100644 index 000000000..72c5d9f70 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/dashboard.yaml @@ -0,0 +1,15 @@ +{{- if .Values.exporter.grafanaDashboard.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: nv-grafana-dashboard + namespace: {{ .Values.exporter.grafanaDashboard.namespace | default .Release.Namespace }} + labels: + grafana_dashboard: "1" +{{- if .Values.exporter.grafanaDashboard.labels }} + {{- toYaml .Values.exporter.grafanaDashboard.labels | nindent 4}} +{{- end }} +data: + nv_dashboard.json: | +{{ .Files.Get "dashboards/nv_dashboard.json" | indent 4 }} +{{- end }} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-deployment.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-deployment.yaml new file mode 100644 index 000000000..5353c05a6 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-deployment.yaml @@ -0,0 +1,56 @@ +{{- if .Values.exporter.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: neuvector-prometheus-exporter-pod + namespace: {{ .Release.Namespace }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + selector: + matchLabels: + app: neuvector-prometheus-exporter-pod + template: + metadata: + annotations: + prometheus.io/path: /metrics + prometheus.io/port: "8068" + prometheus.io/scrape: "true" + checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} + labels: + app: neuvector-prometheus-exporter-pod + release: {{ .Release.Name }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + - name: {{ .Values.imagePullSecrets }} + {{- end }} + {{- if .Values.leastPrivilege }} + serviceAccountName: basic + serviceAccount: basic + {{- end }} + containers: + - name: neuvector-prometheus-exporter-pod + {{ if eq .Values.registry "registry.neuvector.com" }} + {{ if .Values.oem }} + image: "{{ .Values.registry }}/{{ .Values.oem }}/prometheus-exporter:{{ .Values.exporter.image.tag }}" + {{- else }} + image: "{{ .Values.registry }}/prometheus-exporter:{{ .Values.exporter.image.tag }}" + {{- end }} + {{- else }} + image: {{ template "system_default_registry" . }}{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }} + {{- end }} + imagePullPolicy: Always + env: + - name: CTRL_API_SERVICE + value: {{ .Values.exporter.apiSvc }} + - name: EXPORTER_PORT + value: "8068" + envFrom: + - secretRef: + name: neuvector-prometheus-exporter-pod-secret + restartPolicy: Always +{{- end }} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-service.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-service.yaml new file mode 100644 index 000000000..b30456270 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-service.yaml @@ -0,0 +1,28 @@ +{{- if and .Values.exporter.enabled .Values.exporter.svc.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: neuvector-prometheus-exporter + namespace: {{ .Release.Namespace }} + {{- with .Values.exporter.svc.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + app: neuvector-prometheus-exporter +spec: + type: {{ .Values.exporter.svc.type }} + {{- if and .Values.exporter.svc.loadBalancerIP (eq .Values.exporter.svc.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.exporter.svc.loadBalancerIP }} + {{- end }} + ports: + - port: 8068 + name: metrics + targetPort: 8068 + protocol: TCP + selector: + app: neuvector-prometheus-exporter-pod +{{- end }} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-servicemonitor.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-servicemonitor.yaml new file mode 100644 index 000000000..25ca23d12 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/exporter-servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- if .Values.exporter.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: neuvector-prometheus-exporter + namespace: {{ .Release.Namespace }} + {{- with .Values.exporter.serviceMonitor.annotations }} + annotations: + {{ toYaml . | nindent 4 }} + {{- end }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.exporter.serviceMonitor.labels }} + {{- toYaml .Values.exporter.serviceMonitor.labels | nindent 4}} +{{- end }} +spec: + selector: + matchLabels: + app: neuvector-prometheus-exporter + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + endpoints: + - port: metrics + {{- if .Values.exporter.serviceMonitor.interval }} + interval: {{ .Values.exporter.serviceMonitor.interval }} + {{- end }} + path: "/metrics" + {{- if .Values.exporter.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml .Values.exporter.serviceMonitor.metricRelabelings | nindent 6 }} + {{- end }} + {{- if .Values.exporter.serviceMonitor.relabelings }} + relabelings: + {{- toYaml .Values.exporter.serviceMonitor.relabelings | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/templates/secret.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/secret.yaml new file mode 100644 index 000000000..9a04ac476 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/templates/secret.yaml @@ -0,0 +1,15 @@ +{{- if .Values.exporter.enabled -}} +apiVersion: v1 +kind: Secret +metadata: + name: neuvector-prometheus-exporter-pod-secret + namespace: {{ .Release.Namespace }} + labels: + chart: {{ template "neuvector.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + CTRL_USERNAME: {{ .Values.exporter.CTRL_USERNAME | b64enc | quote }} + CTRL_PASSWORD: {{ .Values.exporter.CTRL_PASSWORD | b64enc | quote }} +{{- end }} diff --git a/charts/neuvector-monitor/103.0.0+up2.6.4/values.yaml b/charts/neuvector-monitor/103.0.0+up2.6.4/values.yaml new file mode 100644 index 000000000..c3b1392c2 --- /dev/null +++ b/charts/neuvector-monitor/103.0.0+up2.6.4/values.yaml @@ -0,0 +1,51 @@ +# Default values for neuvector. +# This is a YAML-formatted file. +# Declare variables to be passed into the templates. + +global: + cattle: + systemDefaultRegistry: "" + +registry: docker.io +oem: '' +leastPrivilege: false + +exporter: + # If false, exporter will not be installed + enabled: true + image: + repository: rancher/mirrored-neuvector-prometheus-exporter + tag: 5.2.2 + # changes this to a readonly user ! + CTRL_USERNAME: admin + CTRL_PASSWORD: admin + + apiSvc: neuvector-svc-controller-api:10443 + + svc: + enabled: true + type: ClusterIP + loadBalancerIP: '' + annotations: {} + # service.beta.kubernetes.io/azure-load-balancer-internal: "true" + # service.beta.kubernetes.io/azure-load-balancer-internal-subnet: "apps-subnet" + + grafanaDashboard: + enabled: false + namespace: "" # Release namespace, if empty + labels: {} + + serviceMonitor: + enabled: false + # labels for the ServiceMonitor. + labels: {} + # annotations for the ServiceMonitor. + annotations: {} + # Scrape interval. If not set, the Prometheus default scrape interval is used. + interval: "" + # MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + # ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + metricRelabelings: [] + # RelabelConfigs to apply to samples before scraping + # ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + relabelings: [] diff --git a/index.yaml b/index.yaml index fe2ead0bc..9c8ca3ff8 100755 --- a/index.yaml +++ b/index.yaml @@ -5001,6 +5001,36 @@ entries: - assets/neuvector-crd/neuvector-crd-100.0.0+up2.2.0.tgz version: 100.0.0+up2.2.0 neuvector-monitor: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: NeuVector Monitor + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: cattle-neuvector-system + catalog.cattle.io/os: linux + catalog.cattle.io/permit-os: linux + catalog.cattle.io/provides-gvr: neuvector.com/v1 + catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: neuvector-monitor + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 2.6.4 + apiVersion: v1 + appVersion: 5.2.2-s1 + created: "2023-10-19T11:44:20.685082269-07:00" + description: Helm feature chart for NeuVector monitor services + digest: 2afa97c9d2550e670977ec31591c9930e08899cf68c291f0598d6c08c99e155f + home: https://neuvector.com + icon: https://avatars2.githubusercontent.com/u/19367275?s=200&v=4 + keywords: + - security + maintainers: + - email: support@neuvector.com + name: becitsthere + name: neuvector-monitor + sources: + - https://github.com/neuvector/neuvector + urls: + - assets/neuvector-monitor/neuvector-monitor-103.0.0+up2.6.4.tgz + version: 103.0.0+up2.6.4 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: NeuVector Monitor