sensu-plugins-kubernetes-reactiveops 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +50 -0
- data/LICENSE +22 -0
- data/README.md +229 -0
- data/bin/check-kube-apiserver-available.rb +56 -0
- data/bin/check-kube-nodes-ready.rb +59 -0
- data/bin/check-kube-pods-pending.rb +116 -0
- data/bin/check-kube-pods-restarting.rb +116 -0
- data/bin/check-kube-pods-running.rb +104 -0
- data/bin/check-kube-pods-runtime.rb +116 -0
- data/bin/check-kube-service-available.rb +121 -0
- data/bin/handler-kube-pod.rb +87 -0
- data/bin/metrics-pods.rb +59 -0
- data/lib/sensu-plugins-kubernetes.rb +1 -0
- data/lib/sensu-plugins-kubernetes/cli.rb +96 -0
- data/lib/sensu-plugins-kubernetes/client.rb +126 -0
- data/lib/sensu-plugins-kubernetes/version.rb +9 -0
- metadata +242 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 25b537379f6e02c1eeddab70d94520a43616d6c1
|
4
|
+
data.tar.gz: bccba5e6690207a3b3bb71d5ec1427e3ac1303e0
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 4f4673f8517e188270b429baf4a4f922359153a13dbe093e7b170ed0321c1873881aa6f40bfce8e3877babc02c03186da7c0e976dc8974fc7b259e6a660bf48b
|
7
|
+
data.tar.gz: 5f501632b0e28e4a12500effa1ed51aa7602c3e0abcbe788112540e4b45655050fe13d7a515ad809018e367cff844654f03c2b420b8a6693b9788113923177d2
|
data/CHANGELOG.md
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
#Change Log
|
2
|
+
This project adheres to [Semantic Versioning](http://semver.org/).
|
3
|
+
|
4
|
+
This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachangelog.com/)
|
5
|
+
|
6
|
+
## [Unreleased]
|
7
|
+
### Added
|
8
|
+
- Added metrics-pods.rb that will output the number of running pods per service
|
9
|
+
- Added check-kube-pods-running check
|
10
|
+
- Split check-kube-pods-pending into two checks; the original still checks for
|
11
|
+
pending pods, the restart count portion has been split into it's own check.
|
12
|
+
|
13
|
+
## [0.1.2] - 2016-08-07
|
14
|
+
### Fixed
|
15
|
+
- check-kube-service-available.rb: fixed error caused by misspelling of true boolean (@justinhammar)
|
16
|
+
|
17
|
+
### Changed
|
18
|
+
- check-kube-pods-pending.rb: Add namespace to output (@ajohnstone)
|
19
|
+
- check-kube-service-available.rb: Add namespace to output (@ajohnstone)
|
20
|
+
- pin `activesupport` to `< 5.0.0` to maintain compatability with Ruby < 2.2 (@eheydrick)
|
21
|
+
|
22
|
+
## [0.1.1] - 2016-05-17
|
23
|
+
### Fixed
|
24
|
+
- cli.rb: Fixed typo in critical call
|
25
|
+
|
26
|
+
## [0.1.0] - 2016-05-15
|
27
|
+
### Added
|
28
|
+
- Added flag to ignore namespaces in check-kube-pods-pending
|
29
|
+
- check-kube-service-available.rb: Will not mark a service as failed if any needed pod is running and ready
|
30
|
+
- check-kube-service-available.rb: Added options to allow of pod pending for given time to be counted as valid
|
31
|
+
- Factored all checks to share a common base class for connecting to Kubernetes
|
32
|
+
- Added flags to specify certificate authority and Kubernetes bearer token
|
33
|
+
- Added flags to specify client certificate/key and in-cluster support
|
34
|
+
- Support for Ruby 2.3
|
35
|
+
|
36
|
+
### Fixed
|
37
|
+
- check-kube-service-available.rb: Fixed scope issue in main block that would cause a nil error
|
38
|
+
|
39
|
+
### Changed
|
40
|
+
- Update to Rubocop 0.40 and cleanup
|
41
|
+
- Update to kubeclient 1.1.3
|
42
|
+
|
43
|
+
## 0.0.1 - 2016-03-03
|
44
|
+
### Added
|
45
|
+
- initial release
|
46
|
+
|
47
|
+
[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.1.2...HEAD
|
48
|
+
[0.1.2]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.1.1...0.1.2
|
49
|
+
[0.1.1]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.1.0...0.1.1
|
50
|
+
[0.1.0]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.0.1...0.1.0
|
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2016 Sensu Community Plugins
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
22
|
+
|
data/README.md
ADDED
@@ -0,0 +1,229 @@
|
|
1
|
+
## Sensu-Plugins-kubernetes
|
2
|
+
|
3
|
+
[![Build Status](https://travis-ci.org/sensu-plugins/sensu-plugins-kubernetes.svg?branch=master)](https://travis-ci.org/sensu-plugins/sensu-plugins-kubernetes)
|
4
|
+
[![Gem Version](https://badge.fury.io/rb/sensu-plugins-kubernetes.svg)](http://badge.fury.io/rb/sensu-plugins-kubernetes)
|
5
|
+
[![Code Climate](https://codeclimate.com/github/sensu-plugins/sensu-plugins-kubernetes/badges/gpa.svg)](https://codeclimate.com/github/sensu-plugins/sensu-plugins-kubernetes)
|
6
|
+
[![Test Coverage](https://codeclimate.com/github/sensu-plugins/sensu-plugins-kubernetes/badges/coverage.svg)](https://codeclimate.com/github/sensu-plugins/sensu-plugins-kubernetes)
|
7
|
+
[![Dependency Status](https://gemnasium.com/sensu-plugins/sensu-plugins-kubernetes.svg)](https://gemnasium.com/sensu-plugins/sensu-plugins-kubernetes)
|
8
|
+
|
9
|
+
## Functionality
|
10
|
+
This provides functionality to check node and pod status as well as api and service availability.
|
11
|
+
|
12
|
+
## Files
|
13
|
+
- bin/check-kube-nodes-ready.rb
|
14
|
+
- bin/check-kube-apiserver-available.rb
|
15
|
+
- bin/check-kube-pods-pending.rb
|
16
|
+
- bin/check-kube-service-available.rb
|
17
|
+
- bin/check-kube-pods-runtime.rb
|
18
|
+
- bin/check-kube-pods-running.rb
|
19
|
+
- bin/check-kube-pods-restarting.rb
|
20
|
+
- bin/handler-kube-pod.rb
|
21
|
+
- bin/metrics-pods.rb
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
**check-kube-nodes-ready.rb**
|
26
|
+
```
|
27
|
+
Usage: check-kube-nodes-ready.rb (options)
|
28
|
+
--ca-file CA-FILE CA file to verify API server cert
|
29
|
+
--cert CERT-FILE Client cert to present
|
30
|
+
--key KEY-FILE Client key for the client cert
|
31
|
+
--in-cluster Use service account authentication
|
32
|
+
-p, --password PASSWORD If user is passed, also pass a password
|
33
|
+
-s, --api-server URL URL to API server
|
34
|
+
-t, --token TOKEN Bearer token for authorization
|
35
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
36
|
+
-u, --user USER User with access to API
|
37
|
+
-v, --api-version VERSION API version
|
38
|
+
```
|
39
|
+
|
40
|
+
**check-kube-apiserver-available.rb**
|
41
|
+
```
|
42
|
+
Usage: check-kube-apiserver-available.rb (options)
|
43
|
+
--ca-file CA-FILE CA file to verify API server cert
|
44
|
+
--cert CERT-FILE Client cert to present
|
45
|
+
--key KEY-FILE Client key for the client cert
|
46
|
+
--in-cluster Use service account authentication
|
47
|
+
-p, --password PASSWORD If user is passed, also pass a password
|
48
|
+
-s, --api-server URL URL to API server
|
49
|
+
-t, --token TOKEN Bearer token for authorization
|
50
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
51
|
+
-u, --user USER User with access to API
|
52
|
+
```
|
53
|
+
|
54
|
+
**check-kube-pods-pending.rb**
|
55
|
+
```
|
56
|
+
Usage: check-kube-pods-pending.rb (options)
|
57
|
+
--ca-file CA-FILE CA file to verify API server cert
|
58
|
+
--cert CERT-FILE Client cert to present
|
59
|
+
--key KEY-FILE Client key for the client cert
|
60
|
+
--in-cluster Use service account authentication
|
61
|
+
--password PASSWORD If user is passed, also pass a password
|
62
|
+
-s, --api-server URL URL to API server
|
63
|
+
--token TOKEN Bearer token for authorization
|
64
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
65
|
+
-u, --user USER User with access to API
|
66
|
+
-v, --api-version VERSION API version
|
67
|
+
-n NAMESPACES, Exclude the specified list of namespaces
|
68
|
+
--exclude-namespace
|
69
|
+
-t, --timeout TIMEOUT Threshold for pods to be in the pending state
|
70
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
71
|
+
-p, --pods PODS List of pods to check
|
72
|
+
-r, --restart COUNT Threshold for number of restarts allowed
|
73
|
+
```
|
74
|
+
|
75
|
+
**check-kube-service-available.rb**
|
76
|
+
```
|
77
|
+
Usage: check-kube-service-available.rb (options)
|
78
|
+
--ca-file CA-FILE CA file to verify API server cert
|
79
|
+
--cert CERT-FILE Client cert to present
|
80
|
+
--key KEY-FILE Client key for the client cert
|
81
|
+
--in-cluster Use service account authentication
|
82
|
+
--password PASSWORD If user is passed, also pass a password
|
83
|
+
-s, --api-server URL URL to API server
|
84
|
+
-t, --token TOKEN Bearer token for authorization
|
85
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
86
|
+
-u, --user USER User with access to API
|
87
|
+
-v, --api-version VERSION API version
|
88
|
+
-p, --pending SECONDS Time (in seconds) a pod may be pending for and be valid
|
89
|
+
-l, --list SERVICES List of services to check (required)
|
90
|
+
```
|
91
|
+
|
92
|
+
**check-kube-pods-runtime.rb**
|
93
|
+
```
|
94
|
+
Usage: check-kube-pods-runtime.rb (options)
|
95
|
+
--ca-file CA-FILE CA file to verify API server cert
|
96
|
+
--cert CERT-FILE Client cert to present
|
97
|
+
--key KEY-FILE Client key for the client cert
|
98
|
+
--in-cluster Use service account authentication
|
99
|
+
--password PASSWORD If user is passed, also pass a password
|
100
|
+
-s, --api-server URL URL to API server
|
101
|
+
-t, --token TOKEN Bearer token for authorization
|
102
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
103
|
+
-u, --user USER User with access to API
|
104
|
+
-v, --api-version VERSION API version
|
105
|
+
-c, --critical COUNT Threshold for Pods to be critical
|
106
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
107
|
+
-p, --pods PODS List of pods to check
|
108
|
+
-w, --warn TIMEOUT Threshold for pods to be in the pending state
|
109
|
+
```
|
110
|
+
|
111
|
+
**check-kube-pods-running.rb**
|
112
|
+
```
|
113
|
+
Usage: ./check-kube-pods-running.rb (options)
|
114
|
+
--ca-file CA-FILE CA file to verify API server cert
|
115
|
+
--cert CERT-FILE Client cert to present
|
116
|
+
--key KEY-FILE Client key for the client cert
|
117
|
+
--in-cluster Use service account authentication
|
118
|
+
--password PASSWORD If user is passed, also pass a password
|
119
|
+
-s, --api-server URL URL to API server
|
120
|
+
-t, --token TOKEN Bearer token for authorization
|
121
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
122
|
+
-u, --user USER User with access to API
|
123
|
+
-v, --api-version VERSION API version
|
124
|
+
-n NAMESPACES, Exclude the specified list of namespaces
|
125
|
+
--exclude-namespace
|
126
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
127
|
+
-p, --pods PODS List of pods to check
|
128
|
+
```
|
129
|
+
|
130
|
+
**check-kube-pods-restarting.rb**
|
131
|
+
|
132
|
+
```
|
133
|
+
Usage: ./check-kube-pods-restarting.rb (options)
|
134
|
+
--ca-file CA-FILE CA file to verify API server cert
|
135
|
+
--cert CERT-FILE Client cert to present
|
136
|
+
--key KEY-FILE Client key for the client cert
|
137
|
+
--in-cluster Use service account authentication
|
138
|
+
--password PASSWORD If user is passed, also pass a password
|
139
|
+
-s, --api-server URL URL to API server
|
140
|
+
-t, --token TOKEN Bearer token for authorization
|
141
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
142
|
+
-u, --user USER User with access to API
|
143
|
+
-v, --api-version VERSION API version
|
144
|
+
-n NAMESPACES, Exclude the specified list of namespaces
|
145
|
+
--exclude-namespace
|
146
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
147
|
+
-p, --pods PODS List of pods to check
|
148
|
+
-r, --restart COUNT Threshold for number of restarts allowed
|
149
|
+
```
|
150
|
+
|
151
|
+
**handler-kube-pod.rb**
|
152
|
+
```
|
153
|
+
Usage: handler-kube-pod.rb (options)
|
154
|
+
-j, --json JSONCONFIG Configuration name
|
155
|
+
```
|
156
|
+
|
157
|
+
`JSONCONFIG` defaults to `k8s`.
|
158
|
+
|
159
|
+
```
|
160
|
+
{
|
161
|
+
"k8s": {
|
162
|
+
"server": "https://kubernetes/",
|
163
|
+
"version": "v1",
|
164
|
+
"incluster": false,
|
165
|
+
"ca_file": "/certs/ca.crt.pem",
|
166
|
+
"client_cert_file": "/certs/client.crt.pem",
|
167
|
+
"client_key_file": "/private/client.key.pem",
|
168
|
+
"username": "alice",
|
169
|
+
"password": "secret",
|
170
|
+
"token": "incomprehensible.token.string",
|
171
|
+
"token_file": "/secret/token"
|
172
|
+
}
|
173
|
+
}
|
174
|
+
```
|
175
|
+
|
176
|
+
**metrics-pods**
|
177
|
+
```
|
178
|
+
Usage: metrics-pods.rb (options)
|
179
|
+
--ca-file CA-FILE CA file to verify API server cert
|
180
|
+
--cert CERT-FILE Client cert to present
|
181
|
+
--key KEY-FILE Client key for the client cert
|
182
|
+
--in-cluster Use service account authentication
|
183
|
+
--password PASSWORD If user is passed, also pass a password
|
184
|
+
-s, --api-server URL URL to API server
|
185
|
+
-t, --token TOKEN Bearer token for authorization
|
186
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
187
|
+
-u, --user USER User with access to API
|
188
|
+
-v, --api-version VERSION API version
|
189
|
+
```
|
190
|
+
|
191
|
+
`api_server` and `api_version` can still be used for backwards compatibility,
|
192
|
+
but `server` and `version` will take precedence.
|
193
|
+
|
194
|
+
## Installation
|
195
|
+
|
196
|
+
[Installation and Setup](http://sensu-plugins.io/docs/installation_instructions.html)
|
197
|
+
|
198
|
+
## Notes
|
199
|
+
|
200
|
+
Of the Kubernetes connection options:
|
201
|
+
```
|
202
|
+
--api-server URL URL to API server
|
203
|
+
--api-version VERSION API version
|
204
|
+
--in-cluster Use service account authentication
|
205
|
+
--ca-file CA-FILE CA file to verify API server cert
|
206
|
+
--cert CERT-FILE Client cert to present
|
207
|
+
--key KEY-FILE Client key for the client cert
|
208
|
+
--user USER User with access to API
|
209
|
+
--password PASSWORD If user is passed, also pass a password
|
210
|
+
--token TOKEN Bearer token for authorization
|
211
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
212
|
+
```
|
213
|
+
Only the API server option is required, however it does default to the `KUBERNETES_MASTER` environment variable, or you can use the in-cluster option. The other options are to be used as needed.
|
214
|
+
|
215
|
+
The default API version is `v1`.
|
216
|
+
|
217
|
+
The in-cluster option provides defaults for:
|
218
|
+
- The server URL, using the `KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT` environment variables.
|
219
|
+
- The API CA file, using the service account CA file if it exists. (`/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`)
|
220
|
+
- The API token, using the service account token file. (`/var/run/secrets/kubernetes.io/serviceaccount/token`)
|
221
|
+
|
222
|
+
If the Kubernetes API provides a server certificate, it is only validated if a CA file is provided.
|
223
|
+
|
224
|
+
The client certificate and client private key are optional, but if one is provided then the other must also be provided.
|
225
|
+
|
226
|
+
Only one of the authentication methods (user, token, or token file) can be used.
|
227
|
+
For example, using a username and a token, or a token and a token file, will produce an error.
|
228
|
+
|
229
|
+
If the 'user' authentication method is used, a password must also be provided.
|
@@ -0,0 +1,56 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-kube-apiserver-available.rb
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# => Check if the Kubernetes API server is up
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
# gem: kube-client
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# -s, --api-server URL URL to API server
|
20
|
+
# --in-cluster Use service account authentication
|
21
|
+
# --ca-file CA-FILE CA file to verify API server cert
|
22
|
+
# --cert CERT-FILE Client cert to present
|
23
|
+
# --key KEY-FILE Client key for the client cert
|
24
|
+
# -u, --user USER User with access to API
|
25
|
+
# -p, --password PASSWORD If user is passed, also pass a password
|
26
|
+
# -t, --token TOKEN Bearer token for authorization
|
27
|
+
# --token-file TOKEN-FILE File containing bearer token for authorization
|
28
|
+
#
|
29
|
+
# LICENSE:
|
30
|
+
# Kel Cecil <kelcecil@praisechaos.com>
|
31
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
32
|
+
# for details.
|
33
|
+
#
|
34
|
+
|
35
|
+
require 'sensu-plugins-kubernetes/cli'
|
36
|
+
|
37
|
+
class ApiServerIsAvailable < Sensu::Plugins::Kubernetes::CLI
|
38
|
+
@options = Sensu::Plugins::Kubernetes::CLI.options.reject { |k| k == :api_version }
|
39
|
+
|
40
|
+
def run
|
41
|
+
if healthy?
|
42
|
+
ok 'Kubernetes API server is available'
|
43
|
+
end
|
44
|
+
critical 'Kubernetes API server is unavailable'
|
45
|
+
end
|
46
|
+
|
47
|
+
# TODO: replace this method when it's added to kubeclient
|
48
|
+
def healthy?
|
49
|
+
client.handle_exception do
|
50
|
+
client.create_rest_client('/healthz').get(client.headers)
|
51
|
+
end
|
52
|
+
true
|
53
|
+
rescue KubeException
|
54
|
+
false
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-kube-nodes-ready.rb
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# => Check if the Kubernetes nodes are in a ready to use state
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
# gem: kube-client
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# -s, --api-server URL URL to API server
|
20
|
+
# -v, --api-version VERSION API version. Defaults to 'v1'
|
21
|
+
# --in-cluster Use service account authentication
|
22
|
+
# --ca-file CA-FILE CA file to verify API server cert
|
23
|
+
# --cert CERT-FILE Client cert to present
|
24
|
+
# --key KEY-FILE Client key for the client cert
|
25
|
+
# -u, --user USER User with access to API
|
26
|
+
# -p, --password PASSWORD If user is passed, also pass a password
|
27
|
+
# -t, --token TOKEN Bearer token for authorization
|
28
|
+
# --token-file TOKEN-FILE File containing bearer token for authorization
|
29
|
+
#
|
30
|
+
# LICENSE:
|
31
|
+
# Kel Cecil <kelcecil@praisechaos.com>
|
32
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
33
|
+
# for details.
|
34
|
+
#
|
35
|
+
|
36
|
+
require 'sensu-plugins-kubernetes/cli'
|
37
|
+
|
38
|
+
class AllNodesAreReady < Sensu::Plugins::Kubernetes::CLI
|
39
|
+
@options = Sensu::Plugins::Kubernetes::CLI.options.dup
|
40
|
+
|
41
|
+
def run
|
42
|
+
failed_nodes = []
|
43
|
+
client.get_nodes.each do |node|
|
44
|
+
item = node.status.conditions.detect { |condition| condition.type == 'Ready' }
|
45
|
+
if item.nil?
|
46
|
+
warning "#{node.name} does not have a status"
|
47
|
+
elsif item.status != 'True'
|
48
|
+
failed_nodes << node.metadata.name
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
if failed_nodes.empty?
|
53
|
+
ok 'All nodes are reporting as ready'
|
54
|
+
end
|
55
|
+
critical "Nodes are not ready: #{failed_nodes.join(' ')}"
|
56
|
+
rescue KubeException => e
|
57
|
+
critical 'API error: ' << e.message
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,116 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-kube-pods-pending
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# => Check if pods are stuck in a pending state or constantly restarting
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
# gem: kube-client
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# -s, --api-server URL URL to API server
|
20
|
+
# -v, --api-version VERSION API version. Defaults to 'v1'
|
21
|
+
# --in-cluster Use service account authentication
|
22
|
+
# --ca-file CA-FILE CA file to verify API server cert
|
23
|
+
# --cert CERT-FILE Client cert to present
|
24
|
+
# --key KEY-FILE Client key for the client cert
|
25
|
+
# -u, --user USER User with access to API
|
26
|
+
# --password PASSWORD If user is passed, also pass a password
|
27
|
+
# --token TOKEN Bearer token for authorization
|
28
|
+
# --token-file TOKEN-FILE File containing bearer token for authorization
|
29
|
+
# -n NAMESPACES, Exclude the specified list of namespaces
|
30
|
+
# --exclude-namespace
|
31
|
+
# -t, --timeout TIMEOUT Threshold for pods to be in the pending state
|
32
|
+
# -f, --filter FILTER Selector filter for pods to be checked
|
33
|
+
# -p, --pods PODS Optional list of pods to check.
|
34
|
+
# Defaults to 'all'
|
35
|
+
#
|
36
|
+
# NOTES:
|
37
|
+
# => The filter used for the -f flag is in the form key=value. If multiple
|
38
|
+
# filters need to be specfied, use a comma. ex. foo=bar,red=color
|
39
|
+
#
|
40
|
+
# LICENSE:
|
41
|
+
# Barry Martin <nyxcharon@gmail.com>
|
42
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
43
|
+
# for details.
|
44
|
+
#
|
45
|
+
|
46
|
+
require 'sensu-plugins-kubernetes/cli'
|
47
|
+
|
48
|
+
class AllPodsAreReady < Sensu::Plugins::Kubernetes::CLI
|
49
|
+
@options = Sensu::Plugins::Kubernetes::CLI.options.dup
|
50
|
+
|
51
|
+
option :pod_list,
|
52
|
+
description: 'List of pods to check',
|
53
|
+
short: '-p PODS',
|
54
|
+
long: '--pods',
|
55
|
+
default: 'all'
|
56
|
+
|
57
|
+
option :pending_timeout,
|
58
|
+
description: 'Threshold for pods to be in the pending state',
|
59
|
+
short: '-t TIMEOUT',
|
60
|
+
long: '--timeout',
|
61
|
+
proc: proc(&:to_i),
|
62
|
+
default: 300
|
63
|
+
|
64
|
+
option :pod_filter,
|
65
|
+
description: 'Selector filter for pods to be checked',
|
66
|
+
short: '-f FILTER',
|
67
|
+
long: '--filter'
|
68
|
+
|
69
|
+
option :exclude_namespace,
|
70
|
+
description: 'Exclude the specified list of namespaces',
|
71
|
+
short: '-n NAMESPACES',
|
72
|
+
long: '--exclude-namespace',
|
73
|
+
proc: proc { |a| a.split(',') },
|
74
|
+
default: ''
|
75
|
+
|
76
|
+
def run
|
77
|
+
pods_list = []
|
78
|
+
failed_pods = []
|
79
|
+
pods = []
|
80
|
+
if config[:pod_filter].nil?
|
81
|
+
pods_list = parse_list(config[:pod_list])
|
82
|
+
pods = client.get_pods
|
83
|
+
else
|
84
|
+
pods = client.get_pods(label_selector: config[:pod_filter].to_s)
|
85
|
+
if pods.empty?
|
86
|
+
unknown 'The filter specified resulted in 0 pods'
|
87
|
+
end
|
88
|
+
pods_list = ['all']
|
89
|
+
end
|
90
|
+
pods.each do |pod|
|
91
|
+
next if pod.nil?
|
92
|
+
next if config[:exclude_namespace].include?(pod.metadata.namespace)
|
93
|
+
next unless pods_list.include?(pod.metadata.name) || pods_list.include?('all')
|
94
|
+
# Check for pending state
|
95
|
+
next unless pod.status.phase == 'Pending'
|
96
|
+
pod_stamp = Time.parse(pod.metadata.creationTimestamp)
|
97
|
+
puts pod.metadata.name
|
98
|
+
if (Time.now.utc - pod_stamp.utc).to_i > config[:pending_timeout]
|
99
|
+
failed_pods << "#{pod.metadata.namespace}.#{pod.metadata.name}"
|
100
|
+
end
|
101
|
+
end
|
102
|
+
if failed_pods.empty?
|
103
|
+
ok 'All pods are reporting as ready'
|
104
|
+
else
|
105
|
+
critical "Pods exceeded pending threshold: #{failed_pods.join(' ')}"
|
106
|
+
end
|
107
|
+
rescue KubeException => e
|
108
|
+
critical 'API error: ' << e.message
|
109
|
+
end
|
110
|
+
|
111
|
+
def parse_list(list)
|
112
|
+
return list.split(',') if list && list.include?(',')
|
113
|
+
return [list] if list
|
114
|
+
['']
|
115
|
+
end
|
116
|
+
end
|