Cisco Panoptica has plugins that can be used to identify Kubernetes workloads (pod templates) upstream, in the CI/CD stages of development, and send this information to the Panoptica server. Then, when the workload is deployed in an environment, Panoptica can apply security and runtime policies to it (allow it to run or connect with other workloads, or block it).
You can also define Kubernetes templates manually, in the Pod Templates tab on the Deployments page. This is a solution for situations when upstream tools are not used.
Click New Pod Template to manually create a template.
Enter a name for the template.
Select the template type.
Select the cluster on which it will be deployed, from among the clusters defined in Panoptica.
Define labels, with values, for the template. These can be used, for example, in runtime policy rules, to select templates.
Enter the image and tag.
View a list of the pod templates in the POD TEMPLATES tab of the Deployments page. This shows details for each template, including the cluster it is deployed on.
The SOURCE field indicates where the template is defined. Templates defined in a CD tool (using the Panoptica plugin) have source Kubernetes, while those defined in the UI, using the New Pod Template function, have source Manual.
To modify a template, select if from list and then click Edit. Make the changes, as required, and then click FINISH.
To delete a template, select if from the list and then click Delete.
Updated 3 months ago