×
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
 
 
  •  
BMC Helix Discovery ... Using Discovering services with API providers

Discovering Kubernetes clusters managed by Rancher

Rancher is a Kubernetes management tool to deploy and run clusters anywhere and on any provider. Rancher can provision Kubernetes from a hosted provider, provision compute nodes and then install Kubernetes onto them, or import existing Kubernetes clusters running anywhere. Rancher can centralize authentication and role-based access control (RBAC) for all the clusters.

BMC Helix Discovery discovers Kubernetes clusters managed by Rancher. For information, see Discovering containers. The earlier approach discovers Kubernetes management software running on a host, and creates or updates an existing Kubernetes SI. The Kubernetes SI triggers additional patterns to discover the containers that the Kubernetes management software controls. For this approach the hosts must be reached with an IP scan, and host credentials must be available. 

Using the Rancher API provider enables you to discover all of the Kubernetes clusters managed by Rancher, even those hosts that cannot be reached with an IP scan.

API provider discovery of Rancher supports Rancher 2.5 and later.

Related topics

Discovering containers

Kubernetes (BMC Discovery Content Reference)

To discover Kubernetes clusters by using Rancher API provider

The following table describes the tasks that you must perform in the specified sequence, the description of the action that you must perform, and the reference to the procedure:

TaskActionProcedure
1

Ensure that the Rancher management system has suitable permissions to enable you access to Kubernetes clusters managed by it.

Ensure access permissions for the Rancher management system
2

Create an API provider credential valid for the Rancher.

Create an API provider credential
3

Perform an API scan

Perform an API scan

Ensure that the Rancher management system has suitable permissions to enable you access to Kubernetes clusters managed by it

For any Rancher clusters in which you want to discover all supported resources, you must provide BMC Helix Discovery with a token to authenticate with Rancher. You can obtain a token by using the Rancher UI. The Rancher user must have at least the read (get/list) permissions on the required resources in the appropriate API groups for each cluster.
More details about Rancher users management can be obtained here . The required resources are retrieved by using BMC Helix Discovery API queries while scanning the Rancher clusters.

Rancher Bearer token

Rancher token authentication uses a token valid for all clusters or individual Rancher clusters according to scope.

For instructions on obtaining a token to use in the API provider credential, see API Keys and User Authentication

Create an API provider credential valid for the Rancher system

Use the Rancher URL and token that you have just created and retrieved to create the API provider credential. For information on creating credentials, see Adding credentials.

API provider credentials use the Rancher URL to connect.

Perform a snapshot API scan 

  1. On the Manage > Discovery page, click Add New Run.
  2. In the Timing field, select Snapshot.

  3. In the Targeting field, select API.

  4. Enter the information for the snapshot API provider discovery run in the fields.

    Field name

    Details

    Label

    Enter a label for the discovery run. Where the discovery run is referred to in the UI, it is this label that is shown.

    Timing

    Select the run type, one of:

    • Snapshot — The run is performed immediately.

    • Scheduled — The run is performed according to the scheduling information you enter.

    For this snapshot scan, select Snapshot.

    Targeting

    Select the target for the discovery run. This is one of:

    • IP Address — Enter IP address information.
    • Cloud — Enter cloud provider information.
    • API — Enter API provider information.

    For this API provider scan, select API.

    Provider

    Specify the type of API provider. Currently, BMC Helix Discovery supports the following providers:

    • Kubernetes/OpenShift Cluster
    • MongoDB Atlas
    • Rancher Managed Kubernetes Clusters 

    Restrict by Organization

    This field is available only if you have enabled the Enable Restricted Organizations setting in the Administration > Other Settings UI. For more information, see Configuring discovery settings.

    Select the organization that you want to use for the scan. The organizations available in the list are limited to those organizations of which the logged-in user is a member. The organization you select impacts the Outposts available in the scope via field. For more information, see Outposts restricted by organizations.  

    Credential

    The list is populated with valid credentials for the selected provider. Select the credential or credentials to use for the discovery run.

  5. Click OK to start the run.

 

This example uses a snapshot scan. For information on running scheduled cans, see Performing a discovery run.


Viewing the discovered Rancher clusters

Once you have discovered a Rancher, you can view the clusters it manages. To do so:

  1. From the Discovery page, select the Recent Runs tab.

  2. Click the snapshot API scan you just performed.


  3. Click the Clusters icon.


  4. Click any Cluster from the list.

For more information

For more information about the discovery of each Kubernetes cluster, see Kubernetes in the BMC Discovery Content Reference.


Was this page helpful? Yes No Submitting... Thank you
Last modified by Vinay Bellare on Feb 28, 2023
kubernetes kubernetes_clusters help_op_manage_disco production_ready help_op_manage_creds help_disco_tasks help_addconfig_creds help_addconfig_creds_op rancher

Comments

Log in or register to comment.

Discovering Kubernetes clusters
Discovering MongoDB Atlas clusters
© Copyright 2004 - 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.