CloudFabrix Documentation
Asset IntelligenceOps IntelligenceObservabilityRobotic Data
  • Getting Started
  • CloudFabrix Overview
  • AIOps Platform
  • AIOps Solutions
  • CloudFabrix RDA
    • RDA - Overview
      • RDA - Terminology and Artifacts
    • RDA - Installation
      • Linux OS
      • Windows OS
      • Mac OS
      • RDA Client
      • Worker Nodes
      • Event Gateway
      • Edge Collector
      • Log Shippers
        • Filebeat
        • Fluentd
        • Rsyslog
        • Syslog (udp)
        • Splunk forwarder (Windows and Linux)
        • Winlogbeat (Windows)
      • RDA Log Archives
    • RDA - Administration
      • RDA - Configuration
    • RDA - User Guide
      • RDA - AIOps Studio
        • AIOps Studio - Solution Packages
        • AIOps Studio - Pipelines
        • AIOps Studio - Explore
        • AIOps Studio - Administration
        • RDA CLI in UI
        • AIOps Studio - Examples
          • File Operations
          • Loop Operations
          • Data Management Operations - cfxdm
          • Data mapping - cfxdm - dm:eval
          • Filters - cfxdm - dm:filter
          • Data mapping - cfxdm - dm:map
          • Metadata - cfxdm-dm:metadata
          • Data mapping - cfxdm - dm:functions
            • Any_non_null
            • Concat
            • Datetime
            • Date and Timestamp
            • Evaluate
            • Fixed
            • Highest
            • Join
            • jsonDecode
            • Lower
            • Lowest
            • Match
            • Minutes_Between
            • Replace
            • Seconds_Between
            • Slice
            • Split
            • Strip
            • To_Numeric
            • Ts_To_Datetimestr
            • Upper
            • When_Null
          • Data Mapping cfxdm - dm:sort
          • Data Mapping cfxdm - dm:head
          • Data Mapping cfxdm - dm: tail
          • Data Mapping cfxdm - dm: dedup
          • Data Mapping cfxdm - dm:selectcolumns
          • Data Mapping cfxdm - dm:fixcolumns
          • Data Mapping cfxdm - dm:mergecolumns
          • Data Mapping cfxdm - dm:describe
          • Data Mapping cfxdm - dm:save
          • Data Mapping cfxdm - dm:savedlist
          • Data Mapping cfxdm - dm:recall
          • Data Mapping cfxdm - dm:concat
          • Data Mapping cfxdm - dm:groupby
          • Data Mapping cfxdm - dm:to_type
          • Data Mapping cfxdm - dm:enrich
          • Data Mapping cfxdm - dm:dns_ip_to_name
          • Data Mapping cfxdm - dm:dns_name_to_ip
        • AIOps Studio - Datasource Examples
          • Elasticsearch (v1)
      • RDA - Data Management (cfxdm)
        • cfxdm - dm:filter
        • cfxdm - dm:map
        • cfxdm - dm:functions
        • cfxdm - dm:sort
        • cfxdm - dm:head
        • cfxdm - dm:tail
        • cfxdm - dm:dedup
        • cfxdm - dm:selectcolumns
        • cfxdm - dm:mergecolumns
        • cfxdm - dm:describe
        • cfxdm - dm:hist
        • cfxdm - dm:bin
        • cfxdm - dm:fixcolumns
        • cfxdm - dm:save
        • cfxdm - dm:savedlist
        • cfxdx - dm:recall
        • cfxdm - dm:concat
        • cfxdm - dm:groupby
        • cfxdm - dm:enrich
        • cfxdm - dm:to_type
        • cfxdm - dm:dns_ip_to_name
        • cfxdm - dm:dns_name_to_ip
        • cfxdm - files:loadfile
      • RDA Terminal
        • Examples using Terminal / Commandline
    • RDA - Bot Documentation
    • RDA - Datasource Integrations
      • AppDynamics
      • Dynatrace
      • Dell EMC Unity
      • Elasticsearch
      • Infoblox NetMRI
      • Kubernetes Cluster
      • Linux OS
      • Microsoft Windows Server OS
      • Nagios XI
      • NetApp Clustered ONTAP
      • PRTG Network Monitor
      • VMware vCenter
      • VMware vRealize Operations
    • RDA - Python API
      • Class CaaSDataset
      • Class CaaSClient
      • Python API Example
    • RDA - FAQ
      • Download and Installation
      • Troubleshooting
  • CFXQL - CFX Query Language
    • CFXQL User Interface
  • Operations Intelligence Analytics (OIA)
    • Solution Overview
      • Navigating cfxOIA
      • Any title
    • Administration Guide
      • Active Directory Integration
      • Add Customer
      • First Steps
      • OIA Users
      • Add New Users and Assign Roles
      • Add Environment
      • Add Gateway
      • Add DataSource
      • Add Project
      • Project Configuration
      • Stacks
      • Teams
    • User Guide
      • Incidents
        • Incident
        • Stack
      • Alerts
      • Outcomes
  • INTEGRATIONS
    • Zabbix
    • AppDynamics
    • Dynatrace
    • NetApp C Mode
    • NetApp 7 Mode
    • Splunk Enterprise
    • VMware vCenter
  • OBSERVABILITY
  • Observability - IT Infrastructure Monitoring (cfxPulse)
    • Getting Started
    • Solution Overview
    • Installing cfxPulse Collector
    • Administrator Quick Start Guide
      • Prerequisites
      • Accessing cfxPulse
      • Configuration of cfxPulse
      • Setting Up Monitoring
      • Monitoring Using Prometheus Agents
      • How to add Prometheus Agent Details
      • Discovery of Devices
      • Monitoring Dashboard
    • End User Quick Start Guide
      • Portal Navigation
      • Monitoring Analysis
      • Monitoring
      • Alerts and Incidents
      • Reports
      • NOC/Ops
      • Configuration Backups
      • Interacting With Tabular Reports
      • Creating Custom Dashboards
  • Observability - Log Monitoring & Analytics (CFX LogAnalytics or CLA)
    • Getting Started
    • Solution Overview
    • Solution Key Components
    • Log Forwarding
      • Install and Configure Logstash
      • Sending Logs to Logstash Forwarder
    • Log Collection
      • Collecting Logs from Linux
    • Log Transformation & Enrichment
    • Logstash Installation
      • How to install Java / Logstash on client side
  • Asset Intelligence Analytics (AIA) Solution
    • Getting Started
    • Solution Overview
    • AIA Roles
      • Platform Admin
        • Managed Service Provider (MSP)
        • Authentication Server
        • Set Up Services
        • Organizations
        • Users
      • Organization Admin
        • My Organizations
      • Organization Executive
      • Organization User
    • AIA Tasks, Functions
      • Home Page Navigation
      • Filters
      • Settings Menu
      • Notifications
      • Authentical Server
      • How to Add, Edit, Delete MSP
      • Actions
        • Services
        • Files
        • Dictionaries
        • Discovery Jobs
        • Snapshots
        • Clambda Jobs
        • State Operations
        • Replacement Rate
      • Details
        • Overall
        • POR Insights
        • HW Assets
        • SW Assets
        • Contracts
        • App Dependency
        • Asset List
    • AIA API
    • Enterprise Discovery
      • cfxEdgeCollector
        • Deployment of cfxEdgeCollector
        • Configuration of cfxEdgeCollector
        • cfxEdgeCollector Command Line Options
        • cfxEdgeCollector Help Command
        • Working With cfxEdgeCollector
        • cfxEdgeCollector Auto Export
    • Asset Intelligence & Analytics (AIA) (Delete)
  • CloudFabrix SaaS
    • Signup
    • Navigation
    • User Roles
  • Support
    • Contact Support
Powered by GitBook
On this page
  • Prerequisites:
  • Inventory collection using kubectl over SSH:
  • Inventory collection using HTTP API:
  • Adding Kubernetes Cluster as Datasource/Extension in 'RDA':
  1. CloudFabrix RDA
  2. RDA - Datasource Integrations

Kubernetes Cluster

Kubernetes Cluster infrastructure inventory

Prerequisites:

Kubernetes is a portable, extensible, open source orchestration platform for managing containerized workloads and services, that facilitates both declarative configuration and automation. CloudFabrix's RDA supports integrating with Kubernetes cluster through it's CLI interface (kubectl) over SSH or API interface to collect the inventory of Kubernetes resources such as pods, nodes, services, deployments etc.. on-demand or on schedule basis.

Inventory collection using kubectl over SSH:

Create a service user account with SSH login privileges to connect to one of the Kubernetes master node (on which kubectl is installed) to collect the inventory data. The user should have privileges to run the below command.

  • kubectl get *

Note-1: If kubectl is enabled only for root user, provide sudo privileges to service user account that was created in the above step.

On CentOS, RHEL & Ubuntu, edit /etc/sudoersfile and add the kubetctl command for the user account that is used for data collection. Below configuration setting restricts the service user account to execute only the kubectl get * commands and does not allow any other administrative commands.

<user_name> ALL=(root) NOPASSWD: /usr/bin/kubectl get *

Note-2: User authentication supports both password and SSH key.

Inventory collection using HTTP API:

Follow the below steps to create a service user account with read-only permissions to Kubernetes resources for inventory data collection using Kubernetes HTTP API interface.

Step-1: Create a Namespace for service user account

kubectl create namespace cfx-kube-discovery

Step-2: Create a service user account and associate it to the above namespace.

kubectl create serviceaccount cfx-api-access -n cfx-kube-discovery

Step-3: Create a a role for service user account with below configuration contents and apply the role configuration.

kubectl apply -f cfx-api-access-role.yml

##### Content of the file

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cfx-api-access-role
  namespace: cfx-kube-discovery
rules:
  - apiGroups: [""]
    resources: ["*"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["apps"]
    resources: ["*"]
    verbs: ["get", "list", "watch"]

Step-4: Create a role binding for the service user account with the below configuration contents and apply the role bindings configuration.

kubectl apply -f cfx-api-access-role-binding.yml

##### Content of the file

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cfx-api-access-role-binding
  namespace: cfx-kube-discovery
subjects:
- namespace: cfx-kube-discovery
  kind: ServiceAccount
  name: cfx-api-access 
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cfx-api-access-role
  

Step-5: Get the secret name for service user account.

kubectl get serviceaccount cfx-api-access -o=jsonpath='{.secrets[0].name}' -n cfx-kube-discovery

Step-6: Get the secret token of service user account and decode it. It shows the HTTP bearer token for service account.

Note: The secret name of the service user account 'cfx-api-access' is provided in the command's output executed in Step-5

kubectl get secrets cfx-api-access-token-XXXXX -o=jsonpath='{.data.token}' -n cfx-kube-discovery | base64 -d

Step-7: Verify the Kubernetes cluster's HTTP API access using the below sample curl command which should list all namespaces that are configured in the Kubernetes cluster.

curl -k  https://kube-cluster-ip:6443/api/v1/namespaces -H "Authorization: Bearer <bearer token>" --insecure

Adding Kubernetes Cluster as Datasource/Extension in 'RDA':

Kubernetes Cluster or any other datasource/extension's configuration is configured in RDA's user interface. Login into RDA's user interface using a browser.

https://<rda-ip-address>:9998

Under 'Notebook', click on 'CFXDX Python 3' box

In the 'Notebook' command box, type botadmin() and alt (or option) + Enter to open datasource administration menu.

Click on 'Add' menu and under Type drop down, select kubernetes-inventory

Select API or SSH to access Kubernetes cluster resources for inventory data collection.

Login Method: API (configure the below options)

  • Hostname (IP Address or DNS name of Kubernetes cluster)

  • Port (HTTP API access port, ex: 6443)

  • Protocol (http or https)

  • API Token (Service user account's bearer token extracted in Step-6)

  • Verify SSL Certificate (Optional)

Login Method: SSH (configure the below options)

  • Hostname (IP Address or DNS name of Kubernetes cluster)

  • Username (Service user account for SSH access)

  • Password (Enter the user's password only when password based authentication is used)

  • Private Key Passphrase (Enter the key passphrase only when SSH key based authentication is used)

  • SSH Private Key (Enter the SSH RSA key only when SSH key based authentication is used)

  • Port (SSH port, default is set to 22)

PreviousInfoblox NetMRINextLinux OS

Last updated 2 years ago

For the details on Kubernetes cluster inventory data collection bots, refer .

CloudFabrix RDA Bot documentation