This message was deleted Rancher Users #neuvector-security

Join Slack

This message was deleted.

# neuvector-security

adamant-kite-43734

09/05/2024, 7:03 AM

This message was deleted.

nutritious-computer-61979

09/05/2024, 9:42 AM

fixed it, the problem is that a GET to

Copy code

<api url>/v2/system/config

Wil give you output in v1 format. I loaded the api docs in swagger, see link https://raw.githubusercontent.com/neuvector/neuvector/main/controller/api/apis.yaml You will need to look at the model, this is the correct call

Copy code

- name: Disable Network Policy Enforcement
      ansible.builtin.uri:
        url: "{{ nv_url }}/v2/system/config"
        method: PATCH
        headers:
          {
            "X-Auth-Token": "{{ nv_token }}",
            "accept": "application/json",
            "Content-Type": "application/json"
          }
        body_format: json
        body: {
          "net_config": {
            "disable_net_policy": true
          }
        }
        status_code: 200
        validate_certs: "{{ nv_ca_verify }}"

quaint-candle-18606

09/05/2024, 2:46 PM

Good catch!

quaint-candle-18606

09/05/2024, 3:16 PM

Curious: Why did you choose to disable network policy enforcement?

nutritious-computer-61979

09/06/2024, 5:23 AM

We have other tools like kyverno to create networkpolicies by default on the namespaces.

nutritious-computer-61979

09/06/2024, 7:04 AM

Also the feedback we got from our powerusers is that exporting en importing policies gives to much issues.

2 Views

Open in Slack

Previous Next