API for retrieving information on a Kubernetes resource on-demand - Support and Troubleshooting

API for retrieving information on a Kubernetes resource on-demand When CNO is deployed, a scripted API can be used to send a request to the informer to get the information on a specific Kubernetes resource.

The script name is sn_acc_visibility.K8sInformerGetResourceApi and it is open to all application scopes, but will reject calls from users who do not have the discovery_admin role.

The caller should call the script function getResources which accepts two parameters:

Informer – the informer name as seen in the Name field (e.g. k8s_informer_05a96879-9ea0-4e2d-bc19-cd99cc8f983c) Resources – array of resource requests. Each resource request has the following fields: url : this is the URL of the request resource in the Kubernetes API server. The URL does not include the protocol and host name. Example: apis/apps/v1/namespaces/servicenow/deployments/k8s-informer-cno

jsonPath : this is an optional parameter allowing the caller to specify which part in the resource JSON we would like to send to the instance. Example ( " .spec " )

targetUrl : this is the URL on the instance to which the informer will post the result.

Example of an API call:

var requests = [ { url: 'apis/apps/v1/namespaces/servicenow/deployments/k8s-informer-cno' ,

targetUrl: 'api/sn_acc_visibility/informer/resource?cluster_name=my_cluster' ,

jsonPath: '.spec'

}

];

new sn_acc_visibility. K8sInformerGetResourceApi ().getResources( 'k8s_informer_05a96879-9ea0-4e2d-bc19-cd99cc8f983c' ,requests);

The Happy Path On the instance, when a request is processed and a command is sent to the informer, the syslog will show:

K8sInformer[K8sInformerGetResourceApi] K8sInformerGetResourceApi message sent to informer k8s_informer_47685711-e83e-4169-b84b-5ce610713375

When the informer receives the request and processes it successfully, the log messages report on that. As an example:

2024/05/05 13:02:40 Accepted command: get_resource=[{"url":"apis/apps/v1/namespaces/trivy-system/deployments/trivy-operator","targetUrl":"/api/sn_acc_visibility/informer/resource?cluster_name=my_cluster"}]

2024/05/05 13:02:41 Payload size 6278 posted to https://cnotal5.service-now.com/api/sn_acc_visibility/informer/resource?cluster_name=my_cluster

Error Conditions Detected On the Instance Side The calling user does not have the discovery_admin role

Action taken: Exception thrown and shown in the system logs

One of the requests does not have the mandatory attributes url and targetUrl

Action taken: Exception thrown and shown in the system logs

Requests input argument is not provided

Action taken: Exception thrown and shown in the system logs

The number of requests exceeds the maximum allowed (10)

Action taken: Exception thrown and shown in the system logs

The informer name is not found

Action taken: Reported in syslog

The informer name is found, but the informer is not in the Up state

Action taken: Reported to syslog

Error Conditions Detected On the Informer Side All errors are reported in the informer's log.

The number of requests in a single command exceeded the maximum allowed.

The informer will drop request beyond the declared limit.

(the maximum is defined in Helm value maxGetResourceRequests with default of 10).

The size of the payload of a single request exceeds the maximum allowed.

The informer will report to the log and ignore the request

(the size is defined in Helm value getResourceMaxBytes with the default of 5242800).

Missing url or targetUrl in a request

The informer will drop the invalid requests

Failure to get the resource from Kubernetes API server

The informer will drop the request and report to the log

The payload extracted using the given JSON path resulted in empty payload

The informer will drop the request and report to the log

Failure to complete the HTTP post call to the instance

The informer will retry two times by default (controlled by Helm value httpRestApiPostRetryCount)

Http Post call was successful but the status code was >= 400

Error will be reported to the informer log

The Instance Side Scripted Rest API The URL provided in the get_resource request should correspond to a scripted rest API endpoint. The associated script should look like this:

( function process( /*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {

// The resource payload will be in request.body.dataString

var reqStr = request.body.dataString;

// The request may come with query parameters

if (request.queryParams)

gs.info( 'Informer request params: ' + JSON .stringify(request.queryParams));

// Put your logic here

gs.info( 'Uploaded from informer: ' + reqStr);

})(request, response);