This repository uses the following applications:
Here is how to use the resources:
Create a monitoring namespace:
kubectl create ns monitoring
Install the helm prometheus stack chart:
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm upgrade --install prom prometheus-community/kube-prometheus-stack -n monitoring --values observability-conf/prom-values.yaml
Install promtail to colelct logs from every node:
helm upgrade --install promtail grafana/promtail -f observability-conf/promtail-values.yaml -n monitoring
Install loki to collect all the logs from promtail:
helm upgrade --install loki grafana/loki-distributed -n monitoring
Install Trivy operator:
helm repo add aqua https://aquasecurity.github.io/helm-charts/
helm repo update
And finally, the Helm chart can be installed with the following command:
helm install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--set="trivy.ignoreUnfixed=true" \
--version 0.1.3
Make sure to cross-check the updated installation incl. the latest versio of the operator in the docs: https://aquasecurity.github.io/trivy-operator/latest/operator/installation/helm/
Install the Trivy exporter -- note that here we are still using the old Starboard exporter:
helm repo add giantswarm https://giantswarm.github.io/giantswarm-catalog
helm repo update
helm upgrade -i trivy-exporter --namespace <trivy namespace> giantswarm/starboard-exporter
Install tracee to monitor your cluster:
kubectl apply -f observability-conf/tracee.yaml
Create application:
kubectl create ns app
kubectl apply -f app-manifests -n app
You can then port-forward to grafana:
kubectl port-forward service/prom-grafana -n monitoring 3000:80
The login is: Username: admin Password: prom-operator
And provide Grafana with the dashboards in the observability-conf folder.
