In this blog post we will cover the following topics
- Tanzu Mission Control - - Cluster Inspections Overview - - What Inspections are available - - Performing Inspections - - Viewing Inspections
The follow up blog posts are;
Tanzu Mission Control - Getting Started Tanzu Mission Control - Cluster Inspections - Workspaces and Policies - Data Protection - Deploying TKG clusters to AWS - Upgrading a provisioned cluster - Delete a provisioned cluster - TKG Management support and provisioning new clusters - TMC REST API - Postman Collection
Cluster Inspections Overview
This for me is one of the best features of Tanzu Mission Control, and an area which I expected will be developed further in the future.
Cluster inspections provide a point-in-time report of the condition of the cluster, you might want to run them periodically (to avoid drifting out of conformance) and any time you make significant alterations, such as after you patch or upgrade a cluster.
This capability is achieved by using Sonobuoy, an open source community standard, which provides diagnostics of your Kubernetes environments through conformance testing and additional plugins.
What Inspections are available?
The following cluster inspections are available from the Overview and Inspection tabs of the cluster detail page in the Tanzu Mission Control console.
- Conformance inspection;
Validates the binaries running on your cluster and ensures that your cluster is properly installed, configured, and working. You can view the generated report from within Tanzu Mission Control to assess and address any issues that arise. For more information, see the Kubernetes Conformance documentation at https://github.com/cncf/k8s-conformance/tree/master/docs.
- CIS benchmark inspection;
Evaluates your cluster against the CIS Benchmark for Kubernetes published by the Center for Internet Security.
- Lite inspection;
Is a node conformance test that validates whether nodes meet requirements for Kubernetes. For more information, see Validate node setup in the Kubernetes documentation.
To perform an inspection, there are two ways; from the inspections tab when view a cluster object (as in the above screenshot).
Or you can do this from the Inspections navigation page, as below.