Hands-on with Policy Reporter

2021-04-08

In this episode, we take a look at a new open source project: Policy Reporter. Policy Reporter brings visibility into Kyverno policy enforcement.


šŸæ Rawkode Live

Hosted by David McKay / šŸ¦ https://twitter.com/rawkode
Website: https://rawkode.live
Discord Chat: https://rawkode.live/chat

#RawkodeLive

šŸ•° Timeline

00:00 - Holding screen
01:00 - Introductions
04:20 - What is Policy Reporter?
11:00 - Installing Policy Reporter
13:20 - Policy Reporter UI
24:00 - Integrating with Prometheus and Grafana

šŸ‘„ About the Guests

Frank Jogeleit

Software Developer @move:elevator. I love learning new technologies the trial and error way. I have been working as a DevOps hobbyist with Kubernetes for almost a year.


šŸ¦ https://twitter.com/FrankJogeleit
šŸ§© https://github.com/fjogeleit



šŸ”Ø About the Technologies

Kyverno

Kyverno is a policy engine designed for Kubernetes. With Kyverno, policies are managed as Kubernetes resources and no new language is required to write policies. This allows using familiar tools such as kubectl, git, and kustomize to manage policies. Kyverno policies can validate, mutate, and generate Kubernetes resources. The Kyverno CLI can be used to test policies and validate resources as part of a CI/CD pipeline.

šŸŒ https://kyverno.io/
šŸ¦ https://twitter.com/kyverno
šŸ§© https://github.com/kyverno/kyverno

#Policy #Compliance #Kubernetes


Policy Reporter

Creates Prometheus Metrics for PolicyReports and ClusterPolicyReports. Ships with an optional Web UI and can send new Results to different Clients like Loki and Elasticsearch. Provides a optional Monitoring Subchart with a ServiceMonitor and Grafana Dashboards for the Prometheus Operator.



šŸ§© https://github.com/fjogeleit/policy-reporter