概述
NeuVector 相关操作记录笔记
Swagger 查看 REST API 接口信息
1
| docker run -d -p 8080:8080 swaggerapi/swagger-ui
|
导入 NeuVector API 地址:
1
| https://raw.githubusercontent.com/neuvector/neuvector/main/controller/api/apis.yaml
|
NeuVector 暴露 REST API
1
2
3
4
5
6
7
8
9
10
11
12
13
| apiVersion: v1
kind: Service
metadata:
name: neuvector-service-controller
namespace: cattle-neuvector-system
spec:
ports:
- port: 10443
name: controller
protocol: TCP
type: NodePort
selector:
app: neuvector-controller-pod
|
设定 Debug
Controller Debug
1
| kubectl -n cattle-neuvector-system exec -it manager-xxxx -- cli
|
1
2
3
4
5
6
7
8
9
10
11
| ## admin/admin
login
show controller
set controller xxxxxx debug -c all
show controller setting xxxxxx
## disable debug
set controller xxxxxx debug
|
开启datapath Debug 模式
设定了网络规则,但是告警有问题,可以开启这个模式
1
| set controller ab5020e0fb84 debug -c cpath -c conn
|
1
2
3
4
5
6
7
| > show controller setting ab5020e0fb84
+-----------+-------------+
| Field | Value |
+-----------+-------------+
| log_level | debug |
| debug | conn, cpath |
+-----------+-------------+
|
查看scanner CVE DB 最新版本
1
| https://raw.githubusercontent.com/neuvector/manifests/main/versions/scanner
|
查看 CVE DB
1
| https://vdb.neuvector.com/
|