Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
This repository was archived by the owner on Apr 8, 2022. It is now read-only.

Watch k8s events and trigger Handlers

License

NotificationsYou must be signed in to change notification settings

vmware-archive/kubewatch

Repository files navigation

VMware has made the difficult decision to stop driving this project and therefore we will no longer actively respond to issues or pull requests. The project will be externally maintained in the following fork:https://github.com/robusta-dev/kubewatch

Thank You.

Build StatusGo Report CardGoDocLicense

kubewatch is a Kubernetes watcher that currently publishes notification to available collaboration hubs/notification channels. Run it in your k8s cluster, and you will get event notifications through webhooks.

Usage

$ kubewatch -hKubewatch: A watcher for Kuberneteskubewatch is a Kubernetes watcher that publishes notificationsto Slack/hipchat/mattermost/flock channels. It watches the clusterfor resource changes and notifies them through webhooks.supported webhooks: - slack - hipchat - mattermost - flock - webhook - smtpUsage:  kubewatch [flags]  kubewatch [command]Available Commands:  config      modify kubewatch configuration  resource    manage resources to be watched  version     print versionFlags:  -h, --help   help for kubewatchUse "kubewatch [command] --help" for more information about a command.

Install

Cluster Installation

Using helm:

When you have helm installed in your cluster, use the following setup:

helm install --name kubewatch bitnami/kubewatch --set='rbac.create=true,slack.channel=#YOUR_CHANNEL,slack.token=xoxb-YOUR_TOKEN,resourcesToWatch.pod=true,resourcesToWatch.daemonset=true'

You may also provide a values file instead:

rbac:create:trueresourcesToWatch:deployment:falsereplicationcontroller:falsereplicaset:falsedaemonset:falseservices:truepod:truejob:falsenode:falseclusterrole:trueserviceaccount:truepersistentvolume:falsenamespace:falsesecret:falseconfigmap:falseingress:falseslack:channel:'#YOUR_CHANNEL'token:'xoxb-YOUR_TOKEN'

And use that:

$helm upgrade --install kubewatch bitnami/kubewatch --values=values-file.yml

Using kubectl:

In order to run kubewatch in a Kubernetes cluster quickly, the easiest way is for you to create aConfigMap to hold kubewatch configuration.

An example is provided atkubewatch-configmap.yaml, do not forget to update your own slack channel and token parameters. Alternatively, you could use secrets.

Create k8s configmap:

$kubectl create -f kubewatch-configmap.yaml

Create thePod directly, or create your own deployment:

$kubectl create -f kubewatch.yaml

Akubewatch container will be created along withkubectl sidecar container in order to reach the API server.

Once the Pod is running, you will start seeing Kubernetes events in your configured Slack channel. Here is a screenshot:

slack

To modify what notifications you get, update thekubewatch ConfigMap and turn on and off (true/false) resources:

resource:  deployment: false  replicationcontroller: false  replicaset: false  daemonset: false  services: true  pod: true  job: false  node: false  clusterrole: false  serviceaccount: false  persistentvolume: false  namespace: false  secret: false  configmap: false  ingress: false

Working with RBAC

Kubernetes Engine clusters running versions 1.6 or higher introduced Role-Based Access Control (RBAC). We can createServiceAccount for it to work with RBAC.

$kubectl create -f kubewatch-service-account.yaml

If you do not have permission to create it, you need to become an admin first. For example, in GKE you would run:

$ kubectl create clusterrolebinding cluster-admin-binding --clusterrole=cluster-admin --user=REPLACE_EMAIL_HERE

Editkubewatch.yaml, and create a new field underspec withserviceAccountName: kubewatch, you can achieve this by running:

$sed -i'/spec:/a\ \ serviceAccountName: kubewatch' kubewatch.yaml

Then just createpod as usual with:

$kubectl create -f kubewatch.yaml

Local Installation

Using go package installer:

#Download and install kubewatch$go get -u github.com/bitnami-labs/kubewatch#Configure the notification channel$kubewatch config add slack --channel<slack_channel> --token<slack_token>#Add resources to be watched$kubewatch resource add --po --svcINFO[0000] resource svc configuredINFO[0000] resource po configured#start kubewatch server$kubewatchINFO[0000] Starting kubewatch controller                 pkg=kubewatch-serviceINFO[0000] Starting kubewatch controller                 pkg=kubewatch-podINFO[0000] Processing add to service: default/kubernetes  pkg=kubewatch-serviceINFO[0000] Processing add to service: kube-system/tiller-deploy  pkg=kubewatch-serviceINFO[0000] Processing add to pod: kube-system/tiller-deploy-69ffbf64bc-h8zxm  pkg=kubewatch-podINFO[0000] Kubewatch controller synced and ready         pkg=kubewatch-serviceINFO[0000] Kubewatch controller synced and ready         pkg=kubewatch-pod

Using Docker:

To Run Kubewatch Container interactively, place the config file in$HOME/.kubewatch.yaml location and use the following command.

docker run --rm -it --network host -v $HOME/.kubewatch.yaml:/root/.kubewatch.yaml -v $HOME/.kube/config:/opt/bitnami/kubewatch/.kube/config --name <container-name> bitnami/kubewatch

Example:

$ docker run --rm -it --network host -v $HOME/.kubewatch.yaml:/root/.kubewatch.yaml -v $HOME/.kube/config:/opt/bitnami/kubewatch/.kube/config --name kubewatch-app bitnami/kubewatch==> Writing config file...INFO[0000] Starting kubewatch controller                 pkg=kubewatch-serviceINFO[0000] Starting kubewatch controller                 pkg=kubewatch-podINFO[0000] Starting kubewatch controller                 pkg=kubewatch-deploymentINFO[0000] Starting kubewatch controller                 pkg=kubewatch-namespaceINFO[0000] Processing add to namespace: kube-node-lease  pkg=kubewatch-namespaceINFO[0000] Processing add to namespace: kube-public      pkg=kubewatch-namespaceINFO[0000] Processing add to namespace: kube-system      pkg=kubewatch-namespaceINFO[0000] Processing add to namespace: default          pkg=kubewatch-namespace....

To Demonise Kubewatch container use

$ docker run --rm -d --network host -v $HOME/.kubewatch.yaml:/root/.kubewatch.yaml -v $HOME/.kube/config:/opt/bitnami/kubewatch/.kube/config --name kubewatch-app bitnami/kubewatch

Configure

Kubewatch supportsconfig command for configuration. Config file will be saved at$HOME/.kubewatch.yaml

$ kubewatch config -hconfig command allows admin setup his own configuration for running kubewatchUsage:  kubewatch config [flags]  kubewatch config [command]Available Commands:  add         add webhook config to .kubewatch.yaml  test        test handler config present in .kubewatch.yaml  view        view .kubewatch.yamlFlags:  -h, --help   help for configUse "kubewatch config [command] --help" for more information about a command.

Example:

slack:

  • Create aslack Bot

  • Edit the Bot to customize its name, icon and retrieve the API token (it starts withxoxb-).

  • Invite the Bot into your channel by typing:/invite @name_of_your_bot in the Slack message area.

  • Add Api token to kubewatch config using the following steps

    $kubewatch config add slack --channel<slack_channel> --token<slack_token>

    You have an altenative choice to set your SLACK token, channel via environment variables:

    $export KW_SLACK_TOKEN='XXXXXXXXXXXXXXXX'$export KW_SLACK_CHANNEL='#channel_name'

flock:

  • Create aflock bot.

  • Add flock webhook url to config using the following command.

    $kubewatch config add flock --url<flock_webhook_url>

    You have an altenative choice to set your FLOCK URL

    $export KW_FLOCK_URL='https://api.flock.com/hooks/sendMessage/XXXXXXXX'

Testing Config

To test the handler config by send test messages use the following command.

$ kubewatch config test -hTests handler configs present in .kubewatch.yaml by sending test messagesUsage:  kubewatch config test [flags]Flags:  -h, --help   help for test

Example:

$ kubewatch config testTesting Handler configs from .kubewatch.yaml2019/06/03 12:29:23 Message successfully sent to channel ABCD at 1559545162.000100

Viewing config

To view the entire config file$HOME/.kubewatch.yaml use the following command.

$ kubewatch config viewContents of .kubewatch.yamlhandler:  slack:    token: xoxb-xxxxx-yyyy-zzz    channel: kube-watch  hipchat:    token: ""    room: ""    url: ""  mattermost:    channel: ""    url: ""    username: ""  flock:    url: ""  webhook:    url: ""resource:  deployment: false  replicationcontroller: false  replicaset: false  daemonset: false  services: false  pod: true  job: false  node: false  clusterrole: false  serviceaccount: false  persistentvolume: false  namespace: false  secret: false  configmap: false  ingress: falsenamespace: ""

Resources

To manage the resources being watched, use the following command, changes will be saved to$HOME/.kubewatch.yaml.

$ kubewatch resource -hmanage resources to be watchedUsage:  kubewatch resource [flags]  kubewatch resource [command]Available Commands:  add         adds specific resources to be watched  remove      remove specific resources being watchedFlags:      --clusterrole   watch for cluster roles      --cm            watch for plain configmaps      --deploy        watch for deployments      --ds            watch for daemonsets  -h, --help          help for resource      --ing           watch for ingresses      --job           watch for jobs      --node          watch for Nodes      --ns            watch for namespaces      --po            watch for pods      --pv            watch for persistent volumes      --rc            watch for replication controllers      --rs            watch for replicasets      --sa            watch for service accounts      --secret        watch for plain secrets      --svc           watch for servicesUse "kubewatch resource [command] --help" for more information about a command.

Add/Remove resource:

$ kubewatch resource add -hadds specific resources to be watchedUsage:  kubewatch resource add [flags]Flags:  -h, --help   help for addGlobal Flags:      --clusterrole   watch for cluster roles      --cm            watch for plain configmaps      --deploy        watch for deployments      --ds            watch for daemonsets      --ing           watch for ingresses      --job           watch for jobs      --node          watch for Nodes      --ns            watch for namespaces      --po            watch for pods      --pv            watch for persistent volumes      --rc            watch for replication controllers      --rs            watch for replicasets      --sa            watch for service accounts      --secret        watch for plain secrets      --svc           watch for services

Example:

#rc, po and svc will be watched$kubewatch resource add --rc --po --svc#rc, po and svc will be stopped from being watched$kubewatch resource remove --rc --po --svc

Build

Using go

Clone the repository anywhere:

$git clone https://github.com/bitnami-labs/kubewatch.git$cd kubewatch$go build

or

You can also use the Makefile directly:

$make build

Prerequisites

  • You need to haveGo (v1.5 or later) installed. Make sure to set$GOPATH

Using Docker

$make docker-image$docker imagesREPOSITORY          TAG                 IMAGE ID            CREATED              SIZEkubewatch           latest              919896d3cd90        3 minutes ago       27.9MB

Prerequisites

  • you need to havedocker installed.

Contribution

Refer to thecontribution guidelines to get started.

About

Watch k8s events and trigger Handlers

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Packages

No packages published

Contributors31

Languages

[8]ページ先頭
©2009-2025 Movatter.jp