Cloud Discovery & Visibility imports two components of GKE: cluster and node pool data.
Cluster
In the following image, GKE clusters have been created in the GCP infrastructure.
When imported into Address Manager, a GKE cluster is represented by a device with the Kubernetes Clusters device subtype.
Within the GCP infrastructure, each GKE cluster is registered with a VPC. To represent this relationship in Address Manager, a tag is created with the same name as the GKE cluster device and linked to the corresponding address space.
Node pool
In the following image, a node pool has been added to an existing GKE cluster in the GCP infrastructure.
When imported into Address Manager, a GKE node pool is represented by a tag. The node pool tag is added to the associated GKE cluster device.
Within the GCP infrastructure, a node pool manages one or more VM instances. If you enable the discovery of VM instances, node pools tagged to the VM instance device are also imported.
Tag hierarchy in Address Manager
When GKE data is imported into Address Manager, it is imported as a hierarchy of tags based on the region, cluster, and node group of the GKE data.
- Tag Group: named as Google Kubernetes Engine to distinguish GKE data from other resource tags.
- Level 1 tag: named as the Project Name in GCP to distinguish cluster and node pool tags from other resource groups.
- Level 2 tag: named as the BlueCat configuration name. Since tags are used across configurations, using the name of the BlueCat configuration avoids data conflict and mismatches when multiple discovery and visibility requests are run against resources on the same Address Manager.
- Level 3 tag: named as the cluster name.
- Level 4 tag: named as the node pool name.