Skip to content
/ kube-checker Public

Kube-checker checks your Kubernetes cluster and provides recommendations and best practices

9 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

infracloudio/kube-checker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
cmd
cmd
 
 
design/spec
design/spec
 
 
images
images
 
 
pkg
pkg
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
glide.lock
glide.lock
 
 
glide.yaml
glide.yaml
 
 

Repository files navigation

kube-checker

Kube-checker extracts relevant information from a running Kubernetes cluster to make debugging faster.

Motivation

Debugging issues in a running Kubernetes cluster can become complex. Many of the issues can not be caught by existing logging/monitoring tools and technologies. Kube-checker codifies frequently used playbooks and provides the information at your fingertips so the resolution is faster.

There are some tools that exist but they solve a specific area only ATM. Kube-checker integrates with existing tools and fills gaps in areas where no tooling exist.

Details

Integrations

Following is list of tools that Kube-checker will integrate with to get information

Tool Name Details
Klint Klint runs a linting rules against Kubernetes resources
Node-problem-detector Node problem detector specifically focuses on problems at Node level and makes them visible upstream
Kube-bench Runs CIS Kubernetes benchmarks on a cluster

Rules/Playbooks

There are many things which are well documented from support perspective today but not “codified”, the Kube-checker fills that gap. For example, detecting that a job’s history has grown way too long and is consuming space is something most teams can do today by running a few commands, but can be handy if available as a one click utility and Kube-checker has many such utilities to enable faster remediation of problems. Some more sample rules that are part of Kube-checker:

  • A pod should not use default service account and should use a custom service account instead.
  • A pod should have resource requirement clearly defined (Supported by Klint as of now)
  • A pod should have a security context defined.
  • Using latest tag or no tag on a container image should be avoided, it makes it difficult to rollback and identify currently running version.
  • Stopped containers on a node consuming space should be cleaned up periodically using garbage collection/some other mechanism.
  • Checking if there are too many services of type “LoadBalancer”, creating equivalent public facing LBs in cloud provider and can be potentially replaced with an Ingress Controller

Roadmap

How to Contribute

About

Kube-checker checks your Kubernetes cluster and provides recommendations and best practices

Topics

kubernetes golang validation best-practices kubernetes-cluster kube-checker

Resources

Readme
Activity
Custom properties

Stars

9 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages