analysis

package
v4.2.0-alpha.0+incompa... Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 2, 2019 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// HPAMissingScaleRefError denotes an error where a Horizontal Pod Autoscaler does not have a reference to an object to scale
	HPAMissingScaleRefError = "HPAMissingScaleRef"
	// HPAMissingCPUTargetError denotes an error where a Horizontal Pod Autoscaler does not have a CPU target to scale by.
	// Currently, the only supported scale metric is CPU utilization, so without this metric an HPA is useless.
	HPAMissingCPUTargetError = "HPAMissingCPUTarget"
	// HPAOverlappingScaleRefWarning denotes a warning where a Horizontal Pod Autoscaler scales an object that is scaled by some other object as well
	HPAOverlappingScaleRefWarning = "HPAOverlappingScaleRef"
)
View Source
const (
	CrashLoopingPodError = "CrashLoopingPod"
	RestartingPodWarning = "RestartingPod"

	RestartThreshold = 5
	// TODO: if you change this, you must change the messages below.
	RestartRecentDuration = 10 * time.Minute
)
View Source
const (
	UnmountableSecretWarning    = "UnmountableSecret"
	MissingSecretWarning        = "MissingSecret"
	MissingLivenessProbeWarning = "MissingLivenessProbe"
)
View Source
const (
	DuelingReplicationControllerWarning = "DuelingReplicationControllers"
)

Variables

This section is empty.

Functions

func CheckForUnmountableSecrets

func CheckForUnmountableSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode

CheckForUnmountableSecrets checks to be sure that all the referenced secrets are mountable (by service account)

func CheckMissingMountedSecrets

func CheckMissingMountedSecrets(g osgraph.Graph, podSpecNode *kubegraph.PodSpecNode) []*kubegraph.SecretNode

CheckMissingMountedSecrets checks to be sure that all the referenced secrets are present (not synthetic)

func ContainerRestartedRecently

func ContainerRestartedRecently(status corev1.ContainerStatus, now metav1.Time) bool

func FindDuelingReplicationControllers

func FindDuelingReplicationControllers(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker

func FindHPASpecsMissingCPUTargets

func FindHPASpecsMissingCPUTargets(graph osgraph.Graph, namer osgraph.Namer) []osgraph.Marker

FindHPASpecsMissingCPUTargets scans the graph in search of HorizontalPodAutoscalers that are missing a CPU utilization target. As of right now, the only metric that HPAs can use to scale pods is the CPU utilization, so if a HPA is missing this target it is effectively useless.

func FindHPASpecsMissingScaleRefs

func FindHPASpecsMissingScaleRefs(graph osgraph.Graph, namer osgraph.Namer) []osgraph.Marker

FindHPASpecsMissingScaleRefs finds all Horizontal Pod Autoscalers whose scale reference points to an object that doesn't exist or that the client does not have the permission to see.

func FindMissingLivenessProbes

func FindMissingLivenessProbes(g osgraph.Graph, f osgraph.Namer, setProbeCommand string) []osgraph.Marker

FindMissingLivenessProbes inspects all PodSpecs for missing liveness probes and generates a list of non-duplicate markers

func FindMissingSecrets

func FindMissingSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker

FindMissingSecrets inspects all PodSpecs for any Secret reference that is a synthetic node (not a pre-existing node in the graph)

func FindOverlappingHPAs

func FindOverlappingHPAs(graph osgraph.Graph, namer osgraph.Namer) []osgraph.Marker

FindOverlappingHPAs scans the graph in search of HorizontalPodAutoscalers that are attempting to scale the same set of pods. This can occur in two ways:

  • 1. label selectors for two ReplicationControllers/DeploymentConfigs/etc overlap
  • 2. multiple HorizontalPodAutoscalers are attempting to scale the same ReplicationController/DeploymentConfig/etc

Case 1 is handled by deconflicting the area of influence of ReplicationControllers/DeploymentConfigs/etc, and therefore we can assume that it will be handled before this step. Therefore, we are only concerned with finding HPAs that are trying to scale the same resources.

The algorithm that is used to implement this check is described as follows:

  • create a sub-graph containing only HPA nodes and other nodes that can be scaled, as well as any scaling edges or other edges used to connect between objects that can be scaled
  • for every resulting edge in the new sub-graph, create an edge in the reverse direction
  • find the shortest paths between all HPA nodes in the graph
  • shortest paths connecting two horizontal pod autoscalers are used to create markers for the graph

func FindRestartingPods

func FindRestartingPods(g osgraph.Graph, f osgraph.Namer, logsCommandName, securityPolicyCommandPattern string) []osgraph.Marker

FindRestartingPods inspects all Pods to see if they've restarted more than the threshold. logsCommandName is the name of the command that should be invoked to see pod logs. securityPolicyCommandPattern is a format string accepting two replacement variables for fmt.Sprintf - 1, the namespace of the current pod, 2 the service account of the pod.

func FindUnmountableSecrets

func FindUnmountableSecrets(g osgraph.Graph, f osgraph.Namer) []osgraph.Marker

FindUnmountableSecrets inspects all PodSpecs for any Secret reference that isn't listed as mountable by the referenced ServiceAccount

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL