A relational TypeScript SDK for querying Kubernetes resources in any cluster, either on-prem or in any cloud.
Users write a program using the relational query SDK, and then run them with the pulumi query
subcommand of the Pulumi CLI. There are many
examples. This one finds all distinct versions of MySQL running in your cluster:
import * as kq from "@pulumi/query-kubernetes";
// Find all distinct versions of MySQL running in your cluster.
const mySqlVersions = kq
.list("v1", "Pod")
.flatMap(pod => pod.spec.containers)
.map(container => container.image)
.filter(imageName => imageName.includes("mysql"))
.distinct();
mySqlVersions.forEach(console.log);pulumi query will inspect your local kubeconfig file for the active context, and run the query
programmatically against the resources in the cluster it points to.
Operations:
- Which applications are scheduled on nodes that report high memory pressure? (See example.)
- What is the difference between the last two rollouts of a Deployment? (See example.)
- Which applications are currently emitting logs that contain the text "ERROR:", and why?
Security and Compliance:
- Which Service Accounts have access to this Secret?
- Which CertificateSigningRequests were approved this week, and what are they being used for? (See example.)
Governance:
- Which Services are publicly exposed to the Internet?
- How many distinct versions of the mysql container are running in all of my clusters? (See example.)
- Pulumi CLI version > 1.5.0.
The directory sdk/nodejs/examples/list contains many example queries.
cd sdk/nodejs/examples/list
yarn installNow from that directory, you can run pulumi query. The default example prints
a simple report of all namespaces live in the cluster of your active $KUBECONFIG context.
PULUMI_DEBUG_COMMANDS=true pulumi queryOnce you've done this, have a look at the examples directory, which contains many more interesting
sample queries which you can modify to your uses.
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}