The feature of container network topology allows you to perform security-related operations on your clusters in a visualized manner. The feature also displays the network topology of your containers. The feature allows you to manage your containers in a more efficient manner. You can use container network topology to obtain the up-to-date security information and network connections of your containers. This topic describes how to view the network topology of running containers.

Background information

Security Center automatically refreshes the network topology of running containers and security information about the current cluster on the Radar tab at intervals of 1 minute. This ensures that you can view the up-to-date network topology and security information.

Limits

Only the Ultimate edition of Security Center supports this feature. For more information about how to purchase and upgrade Security Center, see Purchase Security Center and Upgrade and downgrade Security Center.

Prerequisites

The network topology of running containers displays the image vulnerability information that is obtained by using the feature of container image scan. If you want to view container risks, you must enable container image scan and scan images. For more information, see Enable container image scan and Scan images.
Note If you use container network topology and you do not enable container image scan, you can view only the server vulnerabilities and the network topology of the current cluster. You cannot view the container vulnerabilities in the current cluster. To ensure the security of the container runtime environment, we recommend that you enable container image scan.

Procedure

  1. Log on to the Security Center console.In the left-side navigation pane, click Overview.
  2. On the Radar tab, view the container network topology of your assets.
    The following figure shows the sections on the Radar tab. The following list describes the operations that you can perform in each section.
    • View the security score of your assets

      In the left-side section of the Radar tab, you can view the security score of your assets. The security score is calculated based on the security information of your assets. If you want to handle the risks in your assets, you can click Fix Now to go to the Security Risk panel. A higher security score indicates fewer risks in your assets. For more information about the security score, see Secure score.

    • View the number of clusters and the number of vulnerable assets

      In the left-side section of the Radar tab, you can view the number of clusters and the number of vulnerable assets. A number in gray indicates the number of clusters, and a number in red indicates the number of vulnerable assets. If you want to view the details of a specific type of assets, you can click the number on the right of an asset type go to the Container page.

    • View the network topology of a cluster by perspective

      On the Radar tab, the network topology of a cluster is displayed by perspective. You can view the network topology on the Internet Perspective or Cluster Perspective tab. In the upper part of the network topology, you can click Internet Perspective or Cluster Perspective based on your business requirements.

    • View the details and security information about a cluster
      On the Radar tab, click the required cluster. In the panel that appears, the information about the cluster is displayed on the following tabs: Cluster information, Cluster risk, Mirror information, and Protection strategy.
      • Cluster information

        On the Cluster information tab, you can view the following basic information about the cluster: Name and Cluster Type. You can also view the numbers of the following items in the cluster: Namespace, Pod, Work(s), Application, and Image.

      • Cluster risk

        On the Cluster risk tab, you can view the security risks of the cluster, such as Security Alerts, Baseline Risks, and Application Vul(s). Click Details to the right of Security Alerts. On the details page of the cluster or the vulnerability list of the Image Security page, view the details of the detected risks and handle the risks. For more information about how to handle risks, see View and handle alerts, Overview, and View image scan results.

      • Mirror information

        On the Mirror information tab, you can view the images that belong to the cluster. Find an image whose image repository is not added to Security Center and click Access Now on the right to go to the Image Security page. On the Image Security page, you can add the image repository to Security Center. For more information about how to add an image repository to Security Center, see Add image repositories to Security Center.

      • Protection strategy

        On the Protection strategy tab, you can view Defense details. The defense details include the following information: Number of intercepted alarms in the past 7 days, Total number of rules, and Defensive status. Click Create rules to go to the Create rules panel. In the panel, you can create protection rules for the cluster.

    • View the network topology of a cluster in a specified time range

      By default, the Radar tab displays the network topology of your cluster traffic in the last seven days. You can use the date picker in the upper-right corner of the Radar tab to specify a time range based on your business requirements. This allows you to view the network topology of your cluster within the specified time range. You can specify a time range within the last seven days.

    • Turn on or turn off Enable the network topology of all clusters
      By default, the network topology of all clusters is enabled. After you enable the feature of container network topology, a small amount of CPU resources are consumed. If you do not require the network topology of all clusters, you can click the Settings icon icon in the upper-right corner of the Radar tab and click the Switch icon. If you want to view the network topology of all clusters, you can turn on Enable the network topology of all clusters.
      Note We recommend that you turn on Enable the network topology of all clusters so that you can obtain the security status of each node in the network topology of all clusters.
    • Export a container network topology

      You can click the The Export icon icon in the upper-right corner of the Radar tab to export a container network topology. The exported network topology is in the PNG format.

    • View the container network topology of a cluster
      You can use one of the following methods to view the container network topology of a cluster:
      • On the Cluster information tab, click View to the right of Container Network Topology.
      • On the Radar tab, click the Icon icon below the cluster.

    On the page that displays the network topology of the cluster, an application is a node in the network topology. The network topology displays the communication links among all containers in the cluster.

    In the left-side section of the page, you can turn on or turn off Show only connected applications, Display port information, and Hide lines to view the topology information based on your business requirements.

    In the left-side section of the page, you can view all namespaces that belong to the cluster. You can click the Hide icon to the right of a namespace to hide or show the namespace. You can also click the Fold icon to the right of a namespace to hide or show the namespace.
    Note If a cluster contains a large number of applications, the network topology of the cluster is not displayed by default.

    Click an application in the network topology of the cluster and view the following information in the panel that appears: pod information, Mirror information, and Network connection. On the pod information tab, move the pointer over the name of a pod, and the pod details message appears. In the message, click View assets to view the information such as Vulnerability and Alerts.