kubesphere / kubeeye

KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.
https://kubesphere.io
Apache License 2.0

Cluster Inspection Scoring Policy #161

Open panzhen6668 opened 2 years ago

panzhen6668 commented 2 years ago

How to better score clusters; refer to https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System

The following are three methods of scoring policy:

I. Simple weighted calculation

1. First count the total weighting of the check items: `totalWeight = Success * 2 + Warning * 1 + Danger * 2` (excluding ignore)

2. Then calculate according to the ratio: `score = Success * 2 / totalWeight * 100`

e.g.

```json
{
  "scoreInfo": {
    "score": 79,
    "dangerous": 10,
    "passing": 50,
    "ignore": 5,
    "warning": 7,
    "total": 72
  }
}
```

`score: 50 * 2 / (10 * 2 + 50 * 2 + 7 * 1) * 100 = 79`

II. Multiply by an availability factor (0.8-1) on the basis of the first method above; this availability factor can be dynamically valued according to the current vulnerability situation.

`score = (Success * 2 / totalWeight * 100) * factor`

III. Expand the weighting range to NS

Give different weighted values according to different namespaces: for example, the weighted value of kube-system is 3, the weighted value of no namespace is 2, and the ordinary namespace is 1.

`totalWeight = kube-system score + no namespace score + other namespace score`

`success score = kube-system.Success * 3 + no namespace.Success * 2 + other namespace.Success * 1`

`total score = (success score / totalWeight * 100)`

more other methods ...
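The three methods proposed above, as an added Go example that is not part of the original issue or KubeEye's code. All type and function names are hypothetical. Method III does not define the per-namespace "score", so the sketch assumes it is the method I weight of that namespace multiplied by the namespace weight, and it returns no score when every item is ignored instead of dividing by zero.

```go
package main

import (
	"fmt"
	"math"
)

// Counts mirrors the issue's scoreInfo fields for one scope (hypothetical type).
type Counts struct{ Passing, Warning, Dangerous, Ignore int }

// weight is method I's totalWeight; Ignore is deliberately left out.
func (c Counts) weight() int { return c.Passing*2 + c.Warning*1 + c.Dangerous*2 }

// ratio returns success/total*100*factor rounded, or ok=false when nothing was scored.
func ratio(success, total int, factor float64) (int, bool) {
	if total == 0 {
		return 0, false // all items ignored or no checks ran: report no score
	}
	return int(math.Round(float64(success) / float64(total) * 100 * factor)), true
}

// SimpleScore is method I.
func SimpleScore(c Counts) (int, bool) { return ratio(c.Passing*2, c.weight(), 1) }

// FactorScore is method II; factor is clamped to the issue's 0.8-1 range.
func FactorScore(c Counts, factor float64) (int, bool) {
	return ratio(c.Passing*2, c.weight(), math.Min(1, math.Max(0.8, factor)))
}

// nsWeights: kube-system 3, no namespace ("") 2; ordinary namespaces default to 1.
var nsWeights = map[string]int{"kube-system": 3, "": 2}

// NamespaceScore is method III under the assumption stated in the lead-in.
func NamespaceScore(byNS map[string]Counts) (int, bool) {
	success, total := 0, 0
	for ns, c := range byNS {
		w, ok := nsWeights[ns]
		if !ok {
			w = 1
		}
		success += w * c.Passing * 2
		total += w * c.weight()
	}
	return ratio(success, total, 1)
}

func main() {
	// Counts taken from the issue's scoreInfo example; prints "79 true".
	fmt.Println(SimpleScore(Counts{Passing: 50, Warning: 7, Dangerous: 10, Ignore: 5}))
}
```

With the same counts, a failure in kube-system lowers the method III score three times as much as the same failure in an ordinary namespace.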