Uploads to Rancher

Rancher manages clusters through its control plane, and managed clusters send data to Rancher's central management servers. This data falls into two groups: "always-on" data, which is exchanged with Rancher whenever the cluster has Internet access, and "on-demand" data, which should be explicitly requested by Forcepoint Support via the Rancher UI.

Always-On Data sent to Rancher includes:

Cluster Metadata:
  • Information about the cluster

  • Nodes list and metadata (IP address, hostname, cluster role, etc.)

  • K3s version

Health and Monitoring Data:
  • CPU and RAM usage on each cluster node

  • Current metrics (via Prometheus)

  • Fleet agent heartbeat

  • Fleet bundle synchronization data

  • Current cluster status (healthy/unhealthy)

On-Demand Data:

Cluster Metadata:
  • Resource allocation (which Kubernetes resource runs on which node)

  • Current cluster-level alerts

  • Current cluster-level events

Kubernetes Objects:
  • List Kubernetes objects (usually Pods and Configurations)

  • Delete one or more objects

  • Create a new Kubernetes definition

  • Update an existing definition (limited)

Kubernetes Container Logs:
  • Current logs via Rancher UI

  • Historical logs via Loki and Prometheus

Health and Monitoring Data:
  • Historical metrics via Grafana

kubectl Commands Output:

Rancher can run kubectl exec in running containers, but this feature is blocked by our WAF. To execute these commands, Support needs SSH access or a screen-sharing session with the customer.

None of these categories is critical for operation, and access to Rancher can be disabled after deployment.