Documentation ¶
Index ¶
- Constants
- func CheckForUnmountableSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode
- func CheckMissingMountedSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode
- func ContainerRestartedRecently(status corev1.ContainerStatus, now metav1.Time) bool
- func FindDuelingReplicationControllers(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker
- func FindHPASpecsMissingCPUTargets(graph osgraph.Graph, namer osgraph.Namer) []osgraph.Marker
- func FindHPASpecsMissingScaleRefs(graph osgraph.Graph, namer osgraph.Namer) []osgraph.Marker
- func FindMissingLivenessProbes(g osgraph.Graph, f osgraph.Namer, setProbeCommand string) []osgraph.Marker
- func FindMissingSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker
- func FindOverlappingHPAs(graph osgraph.Graph, namer osgraph.Namer) []osgraph.Marker
- func FindRestartingPods(g osgraph.Graph, f osgraph.Namer, ...) []osgraph.Marker
- func FindUnmountableSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker
Constants ¶
const ( // HPAMissingScaleRefError denotes an error where a Horizontal Pod Autoscaler does not have a reference to an object to scale HPAMissingScaleRefError = "HPAMissingScaleRef" // HPAMissingCPUTargetError denotes an error where a Horizontal Pod Autoscaler does not have a CPU target to scale by. // Currently, the only supported scale metric is CPU utilization, so without this metric an HPA is useless. HPAMissingCPUTargetError = "HPAMissingCPUTarget" // HPAOverlappingScaleRefWarning denotes a warning where a Horizontal Pod Autoscaler scales an object that is scaled by some other object as well HPAOverlappingScaleRefWarning = "HPAOverlappingScaleRef" )
const ( CrashLoopingPodError = "CrashLoopingPod" RestartingPodWarning = "RestartingPod" RestartThreshold = 5 // TODO: if you change this, you must change the messages below. RestartRecentDuration = 10 * time.Minute )
const ( UnmountableSecretWarning = "UnmountableSecret" MissingSecretWarning = "MissingSecret" MissingLivenessProbeWarning = "MissingLivenessProbe" )
const (
DuelingReplicationControllerWarning = "DuelingReplicationControllers"
)
Variables ¶
This section is empty.
Functions ¶
func CheckForUnmountableSecrets ¶
func CheckForUnmountableSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode
CheckForUnmountableSecrets checks to be sure that all the referenced secrets are mountable (by service account)
func CheckMissingMountedSecrets ¶
func CheckMissingMountedSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode
CheckMissingMountedSecrets checks to be sure that all the referenced secrets are present (not synthetic)
func ContainerRestartedRecently ¶
func ContainerRestartedRecently(status corev1.ContainerStatus, now metav1.Time) bool
func FindHPASpecsMissingCPUTargets ¶
FindHPASpecsMissingCPUTargets scans the graph in search of HorizontalPodAutoscalers that are missing a CPU utilization target. As of right now, the only metric that HPAs can use to scale pods is the CPU utilization, so if a HPA is missing this target it is effectively useless.
func FindHPASpecsMissingScaleRefs ¶
FindHPASpecsMissingScaleRefs finds all Horizontal Pod Autoscalers whose scale reference points to an object that doesn't exist or that the client does not have the permission to see.
func FindMissingLivenessProbes ¶
func FindMissingLivenessProbes(g osgraph.Graph, f osgraph.Namer, setProbeCommand string) []osgraph.Marker
FindMissingLivenessProbes inspects all PodSpecs for missing liveness probes and generates a list of non-duplicate markers
func FindMissingSecrets ¶
FindMissingSecrets inspects all PodSpecs for any Secret reference that is a synthetic node (not a pre-existing node in the graph)
func FindOverlappingHPAs ¶
FindOverlappingHPAs scans the graph in search of HorizontalPodAutoscalers that are attempting to scale the same set of pods. This can occur in two ways:
- 1. label selectors for two ReplicationControllers/DeploymentConfigs/etc overlap
- 2. multiple HorizontalPodAutoscalers are attempting to scale the same ReplicationController/DeploymentConfig/etc
Case 1 is handled by deconflicting the area of influence of ReplicationControllers/DeploymentConfigs/etc, and therefore we can assume that it will be handled before this step. Therefore, we are only concerned with finding HPAs that are trying to scale the same resources.
The algorithm that is used to implement this check is described as follows:
- create a sub-graph containing only HPA nodes and other nodes that can be scaled, as well as any scaling edges or other edges used to connect between objects that can be scaled
- for every resulting edge in the new sub-graph, create an edge in the reverse direction
- find the shortest paths between all HPA nodes in the graph
- shortest paths connecting two horizontal pod autoscalers are used to create markers for the graph
func FindRestartingPods ¶
func FindRestartingPods(g osgraph.Graph, f osgraph.Namer, logsCommandName, securityPolicyCommandPattern string) []osgraph.Marker
FindRestartingPods inspects all Pods to see if they've restarted more than the threshold. logsCommandName is the name of the command that should be invoked to see pod logs. securityPolicyCommandPattern is a format string accepting two replacement variables for fmt.Sprintf - 1, the namespace of the current pod, 2 the service account of the pod.
Types ¶
This section is empty.