Linux中國

使用 KRAWL 掃描 Kubernetes 錯誤

當你使用 Kubernetes 運行容器時,你通常會發現它們堆積在一起。這是設計使然。它是容器的優點之一:每當需要新的容器時,它們啟動成本都很低。你可以使用前端工具(如 OpenShift 或 OKD)來管理 Pod 和容器。這些工具使可視化設置變得容易,並且它具有一組豐富的用於快速交互的命令。

如果管理容器的平台不符合你的要求,你也可以僅使用 Kubernetes 工具鏈獲取這些信息,但這需要大量命令才能全面了解複雜環境。出於這個原因,我編寫了 KRAWL,這是一個簡單的腳本,可用於掃描 Kubernetes 集群命名空間下的 Pod 和容器,並在發現任何事件時,顯示事件的輸出。它也可用作為 Kubernetes 插件使用。這是獲取大量有用信息的快速簡便方法。

先決條件

  • 必須安裝 kubectl
  • 集群的 kubeconfig 配置必須在它的默認位置($HOME/.kube/config)或已被導出到環境變數(KUBECONFIG=/path/to/kubeconfig)。

使用

$ ./krawl

![KRAWL script](/data/attachment/album/202002/27/102959imepam5p3asfgggs.png "KRAWL script")

腳本

#!/bin/bash
# AUTHOR: Abhishek Tamrakar
# EMAIL: abhishek.tamrakar08@gmail.com
# LICENSE: Copyright (C) 2018 Abhishek Tamrakar
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.
##
#define the variables
KUBE_LOC=~/.kube/config
#define variables
KUBECTL=$(which kubectl)
GET=$(which egrep)
AWK=$(which awk)
red=$(tput setaf 1)
normal=$(tput sgr0)
# define functions

# wrapper for printing info messages
info()
{
  printf 'ne[34m%se[m: %sn' "INFO" "$@"
}

# cleanup when all done
cleanup()
{
  rm -f results.csv
}

# just check if the command we are about to call is available
checkcmd()
{
  #check if command exists
  local cmd=$1
  if [ -z "${!cmd}" ]
  then
    printf 'ne[31m%se[m: %sn' "ERROR"  "check if $1 is installed !!!"
    exit 1
  fi
}

get_namespaces()
{
  #get namespaces
  namespaces=( 
          $($KUBECTL get namespaces --ignore-not-found=true | 
          $AWK '/Active/ {print $1}' 
          ORS=" ") 
          )
#exit if namespaces are not found
if [ ${#namespaces[@]} -eq 0 ]
then
  printf 'ne[31m%se[m: %sn' "ERROR"  "No namespaces found!!"
  exit 1
fi
}

#get events for pods in errored state
get_pod_events()
{
  printf 'n'
  if [ ${#ERRORED[@]} -ne 0 ]
  then
      info "${#ERRORED[@]} errored pods found."
      for CULPRIT in ${ERRORED[@]}
      do
        info "POD: $CULPRIT"
        info
        $KUBECTL get events 
        --field-selector=involvedObject.name=$CULPRIT 
        -ocustom-columns=LASTSEEN:.lastTimestamp,REASON:.reason,MESSAGE:.message 
        --all-namespaces 
        --ignore-not-found=true
      done
  else
      info "0 pods with errored events found."
  fi
}

#define the logic
get_pod_errors()
{
  printf "%s %s %sn" "NAMESPACE,POD_NAME,CONTAINER_NAME,ERRORS" > results.csv
  printf "%s %s %sn" "---------,--------,--------------,------" >> results.csv
  for NAMESPACE in ${namespaces[@]}
  do
    while IFS=' ' read -r POD CONTAINERS
    do
      for CONTAINER in ${CONTAINERS//,/ }
      do
        COUNT=$($KUBECTL logs --since=1h --tail=20 $POD -c $CONTAINER -n $NAMESPACE 2>/dev/null| 
        $GET -c '^error|Error|ERROR|Warn|WARN')
        if [ $COUNT -gt 0 ]
        then
            STATE=("${STATE[@]}" "$NAMESPACE,$POD,$CONTAINER,$COUNT")
        else
        #catch pods in errored state
            ERRORED=($($KUBECTL get pods -n $NAMESPACE --no-headers=true | 
                awk '!/Running/ {print $1}' ORS=" ") 
                )
        fi
      done
    done< <($KUBECTL get pods -n $NAMESPACE --ignore-not-found=true -o=custom-columns=NAME:.metadata.name,CONTAINERS:.spec.containers[*].name --no-headers=true)
  done
  printf "%sn" ${STATE[@]:-None} >> results.csv
  STATE=()
}
#define usage for seprate run
usage()
{
cat << EOF

  USAGE: "${0##*/} </path/to/kube-config>(optional)"

  This program is a free software under the terms of Apache 2.0 License.
  COPYRIGHT (C) 2018 Abhishek Tamrakar

EOF
exit 0
}

#check if basic commands are found
trap cleanup EXIT
checkcmd KUBECTL
#
#set the ground
if [ $# -lt 1 ]; then
  if [ ! -e ${KUBE_LOC} -a ! -s ${KUBE_LOC} ]
  then
    info "A readable kube config location is required!!"
    usage
  fi
elif [ $# -eq 1 ]
then
  export KUBECONFIG=$1
elif [ $# -gt 1 ]
then
  usage
fi
#play
get_namespaces
get_pod_errors

printf &apos;n%40sn&apos; &apos;KRAWL&apos;
printf &apos;%sn&apos; &apos;---------------------------------------------------------------------------------&apos;
printf &apos;%sn&apos; &apos;  Krawl is a command line utility to scan pods and prints name of errored pods   &apos;
printf &apos;%snn&apos; &apos; +and containers within. To use it as kubernetes plugin, please check their page &apos;
printf &apos;%sn&apos; &apos;=================================================================================&apos;

cat results.csv | sed &apos;s/,/,|/g&apos;| column -s &apos;,&apos; -t
get_pod_events

此文最初發布在 KRAWL 的 GitHub 倉庫下的 README 中,並被或許重用。

via: https://opensource.com/article/20/2/kubernetes-scanner

作者:Abhishek Tamrakar 選題:lujun9972 譯者:geekpi 校對:wxy

本文由 LCTT 原創編譯,Linux中國 榮譽推出


本文轉載來自 Linux 中國: https://github.com/Linux-CN/archive

對這篇文章感覺如何?

太棒了
0
不錯
0
愛死了
0
不太好
0
感覺很糟
0
雨落清風。心向陽

    You may also like

    Leave a reply

    您的郵箱地址不會被公開。 必填項已用 * 標註

    此站點使用Akismet來減少垃圾評論。了解我們如何處理您的評論數據

    More in:Linux中國