Open ricardozanini opened 4 years ago
+1
@ricardozanini @msmagnanijr Absolutely brilliant!! Thank you for this report Ricardo! I think that makes sense, but will need to noodle on this a bit to figure out best ways to surface the scans and reports. You can already run Popeye in cluster via cronjob so don't think that's too far-fetched to turn it into an operator. Also thank you for your offer to help, I'll ping here once I've had a chance to give it a rinse...
@derailed awesome! So let’s keep in touch. :)
I think it will give even more traction to the Kubernetes community since we will add it to the OperatorHub.
EDIT: I guess I can work with a POC using the CronJob as an example.
@derailed @ricardozanini Hey guys, I am currently in the process of doing something similar (not using operators though), I have done the following:
1) Created a dynamic Helm chart using CronJob and configmap, runs on all clusters
2) After https://github.com/derailed/popeye/pull/67 is merged, I will push the data from all clusters on a single S3 bucket (just manually uploaded the json for now)
3) Created a basic golang app (dockerized) that reads from this S3 bucket, and currently dumps json as static content on web ui.
4) Created a popeye-reports helm chart that uses the dockerized image from above and deploys it on kubernetes with deployment, svc, ingress.
My plan now is to convert the json report into a nice web ui.
Let me know if I can help in any way, bit new to golang but happy to help :)
@karanmagdani1 after you finish the web ui, we can add it to the PoC I'm envisioning. Once I start working on it, I'll let you know by posting in this thread.
@ricardozanini @karanmagdani1 Thank you both for your input! Moving the needle a bit more in v0.8.0. As of this drop, Popeye can leverage k8s factories to observe resources. So I think we can now get a notification when a resource changes, which should allow us to run cluster scans on observed resources.
@karanmagdani1 you've also probably seen html support was added in the prev release, which should allow you to generate html reports upon your cron invocations.
Is your feature request related to a problem? Please describe.
It's not a problem. But it would be nice to have Popeye running on a cluster as a Kubernetes Operator, so users would have reports directly in the cluster (we could have static content served on NGINX - or events and mail notifications). Plus the Operator would have "real time" data to work with.
Describe the solution you'd like
Creating a Popeye Operator (scope TBD) to include all its features into a cluster as a Kubernetes native application.
Describe alternatives you've considered
None
Additional context
I'm the maintainer of the Nexus and Kogito Operator, if you guys consider this project, we can sit down and discuss it further. I'm willing to help.
:-)