Shipa Insights Module


Upgrading Shipa > 1.7.1 to 1.7.2

If leveraging Shipa Self-Manged e.g on-prem and were running a version less than 1.7.1, post the 1.7.1 upgrade, will need to run the Shipa Cluster Update command on connected clusters that you want to get Insights from.

shipa cluster update CLUSTERNAME

What is Shipa Insights?

Shipa Insights is designed to report on compliance/conformance against Shipa Policies and provide engineering efficiency metrics. Shipa Insights can help bolster security posture and help prioritize where there are engineering bottlenecks in regards to Kubernetes workloads. Shipa Insights will work on workloads deployed through Shipa and workloads that are auto-discovered by Shipa.

Getting Started with Shipa Insights

Shipa Insights is automatic and starts reporting on policy violations against your Framework(s). Applications can either be deployed through Shipa or auto-discoverd through Shipa. To take a look at your current violations, click on the Insights Module in the left hand navigation. Then click on an Application to view the violations.

1529 1529

Taking a look at the Shipa Framework that the workload that has been deployed or auto-discovered against will give you an idea of the policies that are being checked for.


In the above Framework, if an item is not respecting the Resource Consumption limits, this will show up as a policy violation.



Modifying a Framework Updates Violations

By modifying a Shipa Framework, policy violations in Shipa Insights will be updated.

Eventing Policy Violations

Shipa has the ability to send events to external systems using Webhooks. Here is an example of sending multiple policy violations to Slack via Webhook. Can learn more about Webhooks in the docs.

shipa event webhook create policy-violation -d "Policy Violations" -t shipa-team -m POST -b '{"text": "*Policy Violation Alert.*\n*Event Type:* {{.Kind.Name}}\n*Policy Violated:* {{.Target.Value}}"}' --kind-name framework.create --kind-name policy.resource-limits.violation --kind-name policy.pod-auto-scaler.violation --kind-name policy.container.violation