Viewing Container Assets
Scenarios
HSS can collect information about container assets, including clusters, nodes, containers, images, and container fingerprints. With the container asset function, you can centrally count container assets and detect unsafe assets in a timely manner.
This section describes how to view collected container asset information.
Constraints
- Only the HSS container edition supports the container fingerprint function.
- Only Linux is supported.
Viewing Cluster Information
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose Security & Compliance > Host Security Service.
- Choose
. Click the Cluster tab.Figure 1 Clusters
- (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
- View the cluster list, workload, service, and pod information.
Viewing Node Information
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose Security & Compliance > Host Security Service.
- Choose
. Click the Nodes tab.Figure 2 Nodes
- (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
- View information about cluster nodes and independent nodes.
Viewing Container Information
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose Security & Compliance > Host Security Service.
- Choose
. Click the Containers tab.Figure 3 Containers
- (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
- View container information.
Viewing Image Information
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose Security & Compliance > Host Security Service.
- Choose
. Click the Images tab.Figure 4 Images
- (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
- View the CI/CD image, local image, and container image information.
Viewing Container Fingerprint Information
- Log in to the management console.
- In the upper left corner of the page, select a region, click
, and choose Security & Compliance > Host Security Service.
- Choose Asset Management > Container Fingerprints. Click the Container Fingerprints tab. View the fingerprint data of all containers.
To view the fingerprints of a single container, choose
, and click the server name where the container is deployed. On the node details page that is displayed, choose .Figure 5 Container fingerprints - (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
- Click a fingerprint type in the list to view the asset information.
- (Optional) Remove risky assets.
If you find unsafe assets after counting, remove them in a timely manner.
If you receive port alarms, you can set Dangerous Port to Yes in the search box of the Open Ports area to filter dangerous ports. You are advised to handle unsafe ports as follows:
- If HSS detects open high-risk ports or unused ports, check whether they are really used by your services. If they are not, disable them. For dangerous ports, you are advised to further check their program files, and delete or isolate their source files if necessary.
- If a detected high-risk port is actually a normal port used for services, you can ignore it. Ignored alarms will neither be recorded as unsafe items and nor trigger alarms.
High-risk port list describes the common dangerous ports.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot