sensu-plugins-kubernetes-reactiveops 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/CHANGELOG.md +50 -0
- data/LICENSE +22 -0
- data/README.md +229 -0
- data/bin/check-kube-apiserver-available.rb +56 -0
- data/bin/check-kube-nodes-ready.rb +59 -0
- data/bin/check-kube-pods-pending.rb +116 -0
- data/bin/check-kube-pods-restarting.rb +116 -0
- data/bin/check-kube-pods-running.rb +104 -0
- data/bin/check-kube-pods-runtime.rb +116 -0
- data/bin/check-kube-service-available.rb +121 -0
- data/bin/handler-kube-pod.rb +87 -0
- data/bin/metrics-pods.rb +59 -0
- data/lib/sensu-plugins-kubernetes.rb +1 -0
- data/lib/sensu-plugins-kubernetes/cli.rb +96 -0
- data/lib/sensu-plugins-kubernetes/client.rb +126 -0
- data/lib/sensu-plugins-kubernetes/version.rb +9 -0
- metadata +242 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 25b537379f6e02c1eeddab70d94520a43616d6c1
|
4
|
+
data.tar.gz: bccba5e6690207a3b3bb71d5ec1427e3ac1303e0
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 4f4673f8517e188270b429baf4a4f922359153a13dbe093e7b170ed0321c1873881aa6f40bfce8e3877babc02c03186da7c0e976dc8974fc7b259e6a660bf48b
|
7
|
+
data.tar.gz: 5f501632b0e28e4a12500effa1ed51aa7602c3e0abcbe788112540e4b45655050fe13d7a515ad809018e367cff844654f03c2b420b8a6693b9788113923177d2
|
data/CHANGELOG.md
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
#Change Log
|
2
|
+
This project adheres to [Semantic Versioning](http://semver.org/).
|
3
|
+
|
4
|
+
This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachangelog.com/)
|
5
|
+
|
6
|
+
## [Unreleased]
|
7
|
+
### Added
|
8
|
+
- Added metrics-pods.rb that will output the number of running pods per service
|
9
|
+
- Added check-kube-pods-running check
|
10
|
+
- Split check-kube-pods-pending into two checks; the original still checks for
|
11
|
+
pending pods, the restart count portion has been split into it's own check.
|
12
|
+
|
13
|
+
## [0.1.2] - 2016-08-07
|
14
|
+
### Fixed
|
15
|
+
- check-kube-service-available.rb: fixed error caused by misspelling of true boolean (@justinhammar)
|
16
|
+
|
17
|
+
### Changed
|
18
|
+
- check-kube-pods-pending.rb: Add namespace to output (@ajohnstone)
|
19
|
+
- check-kube-service-available.rb: Add namespace to output (@ajohnstone)
|
20
|
+
- pin `activesupport` to `< 5.0.0` to maintain compatability with Ruby < 2.2 (@eheydrick)
|
21
|
+
|
22
|
+
## [0.1.1] - 2016-05-17
|
23
|
+
### Fixed
|
24
|
+
- cli.rb: Fixed typo in critical call
|
25
|
+
|
26
|
+
## [0.1.0] - 2016-05-15
|
27
|
+
### Added
|
28
|
+
- Added flag to ignore namespaces in check-kube-pods-pending
|
29
|
+
- check-kube-service-available.rb: Will not mark a service as failed if any needed pod is running and ready
|
30
|
+
- check-kube-service-available.rb: Added options to allow of pod pending for given time to be counted as valid
|
31
|
+
- Factored all checks to share a common base class for connecting to Kubernetes
|
32
|
+
- Added flags to specify certificate authority and Kubernetes bearer token
|
33
|
+
- Added flags to specify client certificate/key and in-cluster support
|
34
|
+
- Support for Ruby 2.3
|
35
|
+
|
36
|
+
### Fixed
|
37
|
+
- check-kube-service-available.rb: Fixed scope issue in main block that would cause a nil error
|
38
|
+
|
39
|
+
### Changed
|
40
|
+
- Update to Rubocop 0.40 and cleanup
|
41
|
+
- Update to kubeclient 1.1.3
|
42
|
+
|
43
|
+
## 0.0.1 - 2016-03-03
|
44
|
+
### Added
|
45
|
+
- initial release
|
46
|
+
|
47
|
+
[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.1.2...HEAD
|
48
|
+
[0.1.2]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.1.1...0.1.2
|
49
|
+
[0.1.1]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.1.0...0.1.1
|
50
|
+
[0.1.0]: https://github.com/sensu-plugins/sensu-plugins-kubernetes/compare/0.0.1...0.1.0
|
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
The MIT License (MIT)
|
2
|
+
|
3
|
+
Copyright (c) 2016 Sensu Community Plugins
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
22
|
+
|
data/README.md
ADDED
@@ -0,0 +1,229 @@
|
|
1
|
+
## Sensu-Plugins-kubernetes
|
2
|
+
|
3
|
+
[](https://travis-ci.org/sensu-plugins/sensu-plugins-kubernetes)
|
4
|
+
[](http://badge.fury.io/rb/sensu-plugins-kubernetes)
|
5
|
+
[](https://codeclimate.com/github/sensu-plugins/sensu-plugins-kubernetes)
|
6
|
+
[](https://codeclimate.com/github/sensu-plugins/sensu-plugins-kubernetes)
|
7
|
+
[](https://gemnasium.com/sensu-plugins/sensu-plugins-kubernetes)
|
8
|
+
|
9
|
+
## Functionality
|
10
|
+
This provides functionality to check node and pod status as well as api and service availability.
|
11
|
+
|
12
|
+
## Files
|
13
|
+
- bin/check-kube-nodes-ready.rb
|
14
|
+
- bin/check-kube-apiserver-available.rb
|
15
|
+
- bin/check-kube-pods-pending.rb
|
16
|
+
- bin/check-kube-service-available.rb
|
17
|
+
- bin/check-kube-pods-runtime.rb
|
18
|
+
- bin/check-kube-pods-running.rb
|
19
|
+
- bin/check-kube-pods-restarting.rb
|
20
|
+
- bin/handler-kube-pod.rb
|
21
|
+
- bin/metrics-pods.rb
|
22
|
+
|
23
|
+
## Usage
|
24
|
+
|
25
|
+
**check-kube-nodes-ready.rb**
|
26
|
+
```
|
27
|
+
Usage: check-kube-nodes-ready.rb (options)
|
28
|
+
--ca-file CA-FILE CA file to verify API server cert
|
29
|
+
--cert CERT-FILE Client cert to present
|
30
|
+
--key KEY-FILE Client key for the client cert
|
31
|
+
--in-cluster Use service account authentication
|
32
|
+
-p, --password PASSWORD If user is passed, also pass a password
|
33
|
+
-s, --api-server URL URL to API server
|
34
|
+
-t, --token TOKEN Bearer token for authorization
|
35
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
36
|
+
-u, --user USER User with access to API
|
37
|
+
-v, --api-version VERSION API version
|
38
|
+
```
|
39
|
+
|
40
|
+
**check-kube-apiserver-available.rb**
|
41
|
+
```
|
42
|
+
Usage: check-kube-apiserver-available.rb (options)
|
43
|
+
--ca-file CA-FILE CA file to verify API server cert
|
44
|
+
--cert CERT-FILE Client cert to present
|
45
|
+
--key KEY-FILE Client key for the client cert
|
46
|
+
--in-cluster Use service account authentication
|
47
|
+
-p, --password PASSWORD If user is passed, also pass a password
|
48
|
+
-s, --api-server URL URL to API server
|
49
|
+
-t, --token TOKEN Bearer token for authorization
|
50
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
51
|
+
-u, --user USER User with access to API
|
52
|
+
```
|
53
|
+
|
54
|
+
**check-kube-pods-pending.rb**
|
55
|
+
```
|
56
|
+
Usage: check-kube-pods-pending.rb (options)
|
57
|
+
--ca-file CA-FILE CA file to verify API server cert
|
58
|
+
--cert CERT-FILE Client cert to present
|
59
|
+
--key KEY-FILE Client key for the client cert
|
60
|
+
--in-cluster Use service account authentication
|
61
|
+
--password PASSWORD If user is passed, also pass a password
|
62
|
+
-s, --api-server URL URL to API server
|
63
|
+
--token TOKEN Bearer token for authorization
|
64
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
65
|
+
-u, --user USER User with access to API
|
66
|
+
-v, --api-version VERSION API version
|
67
|
+
-n NAMESPACES, Exclude the specified list of namespaces
|
68
|
+
--exclude-namespace
|
69
|
+
-t, --timeout TIMEOUT Threshold for pods to be in the pending state
|
70
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
71
|
+
-p, --pods PODS List of pods to check
|
72
|
+
-r, --restart COUNT Threshold for number of restarts allowed
|
73
|
+
```
|
74
|
+
|
75
|
+
**check-kube-service-available.rb**
|
76
|
+
```
|
77
|
+
Usage: check-kube-service-available.rb (options)
|
78
|
+
--ca-file CA-FILE CA file to verify API server cert
|
79
|
+
--cert CERT-FILE Client cert to present
|
80
|
+
--key KEY-FILE Client key for the client cert
|
81
|
+
--in-cluster Use service account authentication
|
82
|
+
--password PASSWORD If user is passed, also pass a password
|
83
|
+
-s, --api-server URL URL to API server
|
84
|
+
-t, --token TOKEN Bearer token for authorization
|
85
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
86
|
+
-u, --user USER User with access to API
|
87
|
+
-v, --api-version VERSION API version
|
88
|
+
-p, --pending SECONDS Time (in seconds) a pod may be pending for and be valid
|
89
|
+
-l, --list SERVICES List of services to check (required)
|
90
|
+
```
|
91
|
+
|
92
|
+
**check-kube-pods-runtime.rb**
|
93
|
+
```
|
94
|
+
Usage: check-kube-pods-runtime.rb (options)
|
95
|
+
--ca-file CA-FILE CA file to verify API server cert
|
96
|
+
--cert CERT-FILE Client cert to present
|
97
|
+
--key KEY-FILE Client key for the client cert
|
98
|
+
--in-cluster Use service account authentication
|
99
|
+
--password PASSWORD If user is passed, also pass a password
|
100
|
+
-s, --api-server URL URL to API server
|
101
|
+
-t, --token TOKEN Bearer token for authorization
|
102
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
103
|
+
-u, --user USER User with access to API
|
104
|
+
-v, --api-version VERSION API version
|
105
|
+
-c, --critical COUNT Threshold for Pods to be critical
|
106
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
107
|
+
-p, --pods PODS List of pods to check
|
108
|
+
-w, --warn TIMEOUT Threshold for pods to be in the pending state
|
109
|
+
```
|
110
|
+
|
111
|
+
**check-kube-pods-running.rb**
|
112
|
+
```
|
113
|
+
Usage: ./check-kube-pods-running.rb (options)
|
114
|
+
--ca-file CA-FILE CA file to verify API server cert
|
115
|
+
--cert CERT-FILE Client cert to present
|
116
|
+
--key KEY-FILE Client key for the client cert
|
117
|
+
--in-cluster Use service account authentication
|
118
|
+
--password PASSWORD If user is passed, also pass a password
|
119
|
+
-s, --api-server URL URL to API server
|
120
|
+
-t, --token TOKEN Bearer token for authorization
|
121
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
122
|
+
-u, --user USER User with access to API
|
123
|
+
-v, --api-version VERSION API version
|
124
|
+
-n NAMESPACES, Exclude the specified list of namespaces
|
125
|
+
--exclude-namespace
|
126
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
127
|
+
-p, --pods PODS List of pods to check
|
128
|
+
```
|
129
|
+
|
130
|
+
**check-kube-pods-restarting.rb**
|
131
|
+
|
132
|
+
```
|
133
|
+
Usage: ./check-kube-pods-restarting.rb (options)
|
134
|
+
--ca-file CA-FILE CA file to verify API server cert
|
135
|
+
--cert CERT-FILE Client cert to present
|
136
|
+
--key KEY-FILE Client key for the client cert
|
137
|
+
--in-cluster Use service account authentication
|
138
|
+
--password PASSWORD If user is passed, also pass a password
|
139
|
+
-s, --api-server URL URL to API server
|
140
|
+
-t, --token TOKEN Bearer token for authorization
|
141
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
142
|
+
-u, --user USER User with access to API
|
143
|
+
-v, --api-version VERSION API version
|
144
|
+
-n NAMESPACES, Exclude the specified list of namespaces
|
145
|
+
--exclude-namespace
|
146
|
+
-f, --filter FILTER Selector filter for pods to be checked
|
147
|
+
-p, --pods PODS List of pods to check
|
148
|
+
-r, --restart COUNT Threshold for number of restarts allowed
|
149
|
+
```
|
150
|
+
|
151
|
+
**handler-kube-pod.rb**
|
152
|
+
```
|
153
|
+
Usage: handler-kube-pod.rb (options)
|
154
|
+
-j, --json JSONCONFIG Configuration name
|
155
|
+
```
|
156
|
+
|
157
|
+
`JSONCONFIG` defaults to `k8s`.
|
158
|
+
|
159
|
+
```
|
160
|
+
{
|
161
|
+
"k8s": {
|
162
|
+
"server": "https://kubernetes/",
|
163
|
+
"version": "v1",
|
164
|
+
"incluster": false,
|
165
|
+
"ca_file": "/certs/ca.crt.pem",
|
166
|
+
"client_cert_file": "/certs/client.crt.pem",
|
167
|
+
"client_key_file": "/private/client.key.pem",
|
168
|
+
"username": "alice",
|
169
|
+
"password": "secret",
|
170
|
+
"token": "incomprehensible.token.string",
|
171
|
+
"token_file": "/secret/token"
|
172
|
+
}
|
173
|
+
}
|
174
|
+
```
|
175
|
+
|
176
|
+
**metrics-pods**
|
177
|
+
```
|
178
|
+
Usage: metrics-pods.rb (options)
|
179
|
+
--ca-file CA-FILE CA file to verify API server cert
|
180
|
+
--cert CERT-FILE Client cert to present
|
181
|
+
--key KEY-FILE Client key for the client cert
|
182
|
+
--in-cluster Use service account authentication
|
183
|
+
--password PASSWORD If user is passed, also pass a password
|
184
|
+
-s, --api-server URL URL to API server
|
185
|
+
-t, --token TOKEN Bearer token for authorization
|
186
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
187
|
+
-u, --user USER User with access to API
|
188
|
+
-v, --api-version VERSION API version
|
189
|
+
```
|
190
|
+
|
191
|
+
`api_server` and `api_version` can still be used for backwards compatibility,
|
192
|
+
but `server` and `version` will take precedence.
|
193
|
+
|
194
|
+
## Installation
|
195
|
+
|
196
|
+
[Installation and Setup](http://sensu-plugins.io/docs/installation_instructions.html)
|
197
|
+
|
198
|
+
## Notes
|
199
|
+
|
200
|
+
Of the Kubernetes connection options:
|
201
|
+
```
|
202
|
+
--api-server URL URL to API server
|
203
|
+
--api-version VERSION API version
|
204
|
+
--in-cluster Use service account authentication
|
205
|
+
--ca-file CA-FILE CA file to verify API server cert
|
206
|
+
--cert CERT-FILE Client cert to present
|
207
|
+
--key KEY-FILE Client key for the client cert
|
208
|
+
--user USER User with access to API
|
209
|
+
--password PASSWORD If user is passed, also pass a password
|
210
|
+
--token TOKEN Bearer token for authorization
|
211
|
+
--token-file TOKEN-FILE File containing bearer token for authorization
|
212
|
+
```
|
213
|
+
Only the API server option is required, however it does default to the `KUBERNETES_MASTER` environment variable, or you can use the in-cluster option. The other options are to be used as needed.
|
214
|
+
|
215
|
+
The default API version is `v1`.
|
216
|
+
|
217
|
+
The in-cluster option provides defaults for:
|
218
|
+
- The server URL, using the `KUBERNETES_SERVICE_HOST` and `KUBERNETES_SERVICE_PORT` environment variables.
|
219
|
+
- The API CA file, using the service account CA file if it exists. (`/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`)
|
220
|
+
- The API token, using the service account token file. (`/var/run/secrets/kubernetes.io/serviceaccount/token`)
|
221
|
+
|
222
|
+
If the Kubernetes API provides a server certificate, it is only validated if a CA file is provided.
|
223
|
+
|
224
|
+
The client certificate and client private key are optional, but if one is provided then the other must also be provided.
|
225
|
+
|
226
|
+
Only one of the authentication methods (user, token, or token file) can be used.
|
227
|
+
For example, using a username and a token, or a token and a token file, will produce an error.
|
228
|
+
|
229
|
+
If the 'user' authentication method is used, a password must also be provided.
|
@@ -0,0 +1,56 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-kube-apiserver-available.rb
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# => Check if the Kubernetes API server is up
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
# gem: kube-client
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# -s, --api-server URL URL to API server
|
20
|
+
# --in-cluster Use service account authentication
|
21
|
+
# --ca-file CA-FILE CA file to verify API server cert
|
22
|
+
# --cert CERT-FILE Client cert to present
|
23
|
+
# --key KEY-FILE Client key for the client cert
|
24
|
+
# -u, --user USER User with access to API
|
25
|
+
# -p, --password PASSWORD If user is passed, also pass a password
|
26
|
+
# -t, --token TOKEN Bearer token for authorization
|
27
|
+
# --token-file TOKEN-FILE File containing bearer token for authorization
|
28
|
+
#
|
29
|
+
# LICENSE:
|
30
|
+
# Kel Cecil <kelcecil@praisechaos.com>
|
31
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
32
|
+
# for details.
|
33
|
+
#
|
34
|
+
|
35
|
+
require 'sensu-plugins-kubernetes/cli'
|
36
|
+
|
37
|
+
class ApiServerIsAvailable < Sensu::Plugins::Kubernetes::CLI
|
38
|
+
@options = Sensu::Plugins::Kubernetes::CLI.options.reject { |k| k == :api_version }
|
39
|
+
|
40
|
+
def run
|
41
|
+
if healthy?
|
42
|
+
ok 'Kubernetes API server is available'
|
43
|
+
end
|
44
|
+
critical 'Kubernetes API server is unavailable'
|
45
|
+
end
|
46
|
+
|
47
|
+
# TODO: replace this method when it's added to kubeclient
|
48
|
+
def healthy?
|
49
|
+
client.handle_exception do
|
50
|
+
client.create_rest_client('/healthz').get(client.headers)
|
51
|
+
end
|
52
|
+
true
|
53
|
+
rescue KubeException
|
54
|
+
false
|
55
|
+
end
|
56
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-kube-nodes-ready.rb
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# => Check if the Kubernetes nodes are in a ready to use state
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
# gem: kube-client
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# -s, --api-server URL URL to API server
|
20
|
+
# -v, --api-version VERSION API version. Defaults to 'v1'
|
21
|
+
# --in-cluster Use service account authentication
|
22
|
+
# --ca-file CA-FILE CA file to verify API server cert
|
23
|
+
# --cert CERT-FILE Client cert to present
|
24
|
+
# --key KEY-FILE Client key for the client cert
|
25
|
+
# -u, --user USER User with access to API
|
26
|
+
# -p, --password PASSWORD If user is passed, also pass a password
|
27
|
+
# -t, --token TOKEN Bearer token for authorization
|
28
|
+
# --token-file TOKEN-FILE File containing bearer token for authorization
|
29
|
+
#
|
30
|
+
# LICENSE:
|
31
|
+
# Kel Cecil <kelcecil@praisechaos.com>
|
32
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
33
|
+
# for details.
|
34
|
+
#
|
35
|
+
|
36
|
+
require 'sensu-plugins-kubernetes/cli'
|
37
|
+
|
38
|
+
class AllNodesAreReady < Sensu::Plugins::Kubernetes::CLI
|
39
|
+
@options = Sensu::Plugins::Kubernetes::CLI.options.dup
|
40
|
+
|
41
|
+
def run
|
42
|
+
failed_nodes = []
|
43
|
+
client.get_nodes.each do |node|
|
44
|
+
item = node.status.conditions.detect { |condition| condition.type == 'Ready' }
|
45
|
+
if item.nil?
|
46
|
+
warning "#{node.name} does not have a status"
|
47
|
+
elsif item.status != 'True'
|
48
|
+
failed_nodes << node.metadata.name
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
if failed_nodes.empty?
|
53
|
+
ok 'All nodes are reporting as ready'
|
54
|
+
end
|
55
|
+
critical "Nodes are not ready: #{failed_nodes.join(' ')}"
|
56
|
+
rescue KubeException => e
|
57
|
+
critical 'API error: ' << e.message
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,116 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-kube-pods-pending
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# => Check if pods are stuck in a pending state or constantly restarting
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: sensu-plugin
|
16
|
+
# gem: kube-client
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# -s, --api-server URL URL to API server
|
20
|
+
# -v, --api-version VERSION API version. Defaults to 'v1'
|
21
|
+
# --in-cluster Use service account authentication
|
22
|
+
# --ca-file CA-FILE CA file to verify API server cert
|
23
|
+
# --cert CERT-FILE Client cert to present
|
24
|
+
# --key KEY-FILE Client key for the client cert
|
25
|
+
# -u, --user USER User with access to API
|
26
|
+
# --password PASSWORD If user is passed, also pass a password
|
27
|
+
# --token TOKEN Bearer token for authorization
|
28
|
+
# --token-file TOKEN-FILE File containing bearer token for authorization
|
29
|
+
# -n NAMESPACES, Exclude the specified list of namespaces
|
30
|
+
# --exclude-namespace
|
31
|
+
# -t, --timeout TIMEOUT Threshold for pods to be in the pending state
|
32
|
+
# -f, --filter FILTER Selector filter for pods to be checked
|
33
|
+
# -p, --pods PODS Optional list of pods to check.
|
34
|
+
# Defaults to 'all'
|
35
|
+
#
|
36
|
+
# NOTES:
|
37
|
+
# => The filter used for the -f flag is in the form key=value. If multiple
|
38
|
+
# filters need to be specfied, use a comma. ex. foo=bar,red=color
|
39
|
+
#
|
40
|
+
# LICENSE:
|
41
|
+
# Barry Martin <nyxcharon@gmail.com>
|
42
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
43
|
+
# for details.
|
44
|
+
#
|
45
|
+
|
46
|
+
require 'sensu-plugins-kubernetes/cli'
|
47
|
+
|
48
|
+
class AllPodsAreReady < Sensu::Plugins::Kubernetes::CLI
|
49
|
+
@options = Sensu::Plugins::Kubernetes::CLI.options.dup
|
50
|
+
|
51
|
+
option :pod_list,
|
52
|
+
description: 'List of pods to check',
|
53
|
+
short: '-p PODS',
|
54
|
+
long: '--pods',
|
55
|
+
default: 'all'
|
56
|
+
|
57
|
+
option :pending_timeout,
|
58
|
+
description: 'Threshold for pods to be in the pending state',
|
59
|
+
short: '-t TIMEOUT',
|
60
|
+
long: '--timeout',
|
61
|
+
proc: proc(&:to_i),
|
62
|
+
default: 300
|
63
|
+
|
64
|
+
option :pod_filter,
|
65
|
+
description: 'Selector filter for pods to be checked',
|
66
|
+
short: '-f FILTER',
|
67
|
+
long: '--filter'
|
68
|
+
|
69
|
+
option :exclude_namespace,
|
70
|
+
description: 'Exclude the specified list of namespaces',
|
71
|
+
short: '-n NAMESPACES',
|
72
|
+
long: '--exclude-namespace',
|
73
|
+
proc: proc { |a| a.split(',') },
|
74
|
+
default: ''
|
75
|
+
|
76
|
+
def run
|
77
|
+
pods_list = []
|
78
|
+
failed_pods = []
|
79
|
+
pods = []
|
80
|
+
if config[:pod_filter].nil?
|
81
|
+
pods_list = parse_list(config[:pod_list])
|
82
|
+
pods = client.get_pods
|
83
|
+
else
|
84
|
+
pods = client.get_pods(label_selector: config[:pod_filter].to_s)
|
85
|
+
if pods.empty?
|
86
|
+
unknown 'The filter specified resulted in 0 pods'
|
87
|
+
end
|
88
|
+
pods_list = ['all']
|
89
|
+
end
|
90
|
+
pods.each do |pod|
|
91
|
+
next if pod.nil?
|
92
|
+
next if config[:exclude_namespace].include?(pod.metadata.namespace)
|
93
|
+
next unless pods_list.include?(pod.metadata.name) || pods_list.include?('all')
|
94
|
+
# Check for pending state
|
95
|
+
next unless pod.status.phase == 'Pending'
|
96
|
+
pod_stamp = Time.parse(pod.metadata.creationTimestamp)
|
97
|
+
puts pod.metadata.name
|
98
|
+
if (Time.now.utc - pod_stamp.utc).to_i > config[:pending_timeout]
|
99
|
+
failed_pods << "#{pod.metadata.namespace}.#{pod.metadata.name}"
|
100
|
+
end
|
101
|
+
end
|
102
|
+
if failed_pods.empty?
|
103
|
+
ok 'All pods are reporting as ready'
|
104
|
+
else
|
105
|
+
critical "Pods exceeded pending threshold: #{failed_pods.join(' ')}"
|
106
|
+
end
|
107
|
+
rescue KubeException => e
|
108
|
+
critical 'API error: ' << e.message
|
109
|
+
end
|
110
|
+
|
111
|
+
def parse_list(list)
|
112
|
+
return list.split(',') if list && list.include?(',')
|
113
|
+
return [list] if list
|
114
|
+
['']
|
115
|
+
end
|
116
|
+
end
|