The following tables provide brief descriptions of the components that make up Kubernetes clusters in Container Security.

Default components

| Component name | Description | Pod name | Container names |
| --- | --- | --- | --- |
| Usage Controller | Usage Controller regularly reports usage data, which is used for Cloud One billing and for determining installed Helm versions. Important: Usage Controller will be deprecated in Vision One. | trendmicro-usage-controller-xxxxxxxxxx-xxxxx | controller-manager, rbac-proxy |
| Admission Controller | Admission Controller is used to validate Kubernetes and to perform block or log actions based on deployment policy. | trendmicro-admission-controller-xxxxxxxxxx-xxxxx | trendmicro-admission-controller |
| Oversight Controller | The Oversight Controller component repeatedly scans Kubernetes resources against continuous policy and handles isolation and termination actions. Used for continuous compliance policy enforcement. | trendmicro-oversight-controller-xxxxxxxxx-xxxxx | controller-manager, rbac-proxy |
| Workload Operator | The Workload Operator component detects unique, running container images for the runtime scanning feature and also collects Kubernetes resource data for the Inventory feature. | trendmicro-workload-operator-xxxxxxxxxx-xxxxx | trendmicro-workload-operator |

Runtime security components

| Component name | Description | Pod name | Container names |
| --- | --- | --- | --- |
| Scout | Scout provides a runtime security feature, controls runtime rules, and handles event aggregation and uploads. A DaemonSet is deployed per node. | trendmicro-scout-xxxxx | falco, scout |
| K8s-metacollector | The k8s-metacollector fetches metadata for various Kubernetes resources from the API server and transmits it to in-cluster components, such as Falco instances, to decrease the performance impact on the Kubernetes API server. | trendmicro-metacollector-xxxxxxxxxx-xxxxx | k8s-metacollector |

Vulnerability scanning components

| Component name | Description | Pod name | Container names |
| --- | --- | --- | --- |
| Scan Manager | Scan Manager manages in-cluster vulnerability scans and starts Scan Jobs. | trendmicro-scan-manager-xxxxxxxx-xxxxx | scan-manager |
| Scan Job | Scan Job generates SBOMs for container images and reports to Scan Manager. This pod deploys in the target pod namespace. | trendmicro-scan-job-xxxxxxxxxx-xxxxx | scan-job |