tohjustin / kube-lineage Goto Github PK
View Code? Open in Web Editor NEWA CLI tool to display all dependencies or dependents of an object in a Kubernetes cluster.
License: Apache License 2.0
A CLI tool to display all dependencies or dependents of an object in a Kubernetes cluster.
License: Apache License 2.0
Thanks so much for your great work here!!!
It'd be so amazing if there were the ability to query by label for "multiple root elements". For example say we have multiple objects all correlated by label, but with their own lineage's below them. They are related and I'd like to view them all at the same time, with a single query.
kubectl lineage --selector app=my-awesome-app
as an example
Shorthand being -l
Query for elements that don't have owner-refs and define them as "roots" and apply the standard algorithm and render from there.
Thank you for this wonderful tool!
I saw that it lists PVs and PVCs as supported object relationship, but it doesn't seem to make any connection between PVs and PVCs (doesn't seem to follow claimRefs). This would be great to be able to connect PVs with the rest of the graph (including pods, etc.)!
Thank your very much for this great tool.
Could you please explain in the README (and/or in -h
) the difference between dependencies and dependents?
Are you sure "dependencies" is the correct term?
❯ k lineage cluster host-cluster -o=wide
NAME READY STATUS AGE RELATIONSHIPS
Cluster/host-cluster True 69d []
├── HCloudMachineTemplate/host-cluster-control-plane - 69d [OwnerReference]
├── HCloudMachineTemplate/host-cluster-md-0 - 69d [OwnerReference]
├── HetznerCluster/host-cluster - 69d [ControllerReference OwnerReference]
│ ├── Secret/hetzner - 69d [OwnerReference]
│ └── Secret/host-cluster-kubeconfig - 69d [OwnerReference]
With option -D
❯ k lineage -D Secret/host-cluster-kubeconfig
NAME READY STATUS AGE
Secret/host-cluster-kubeconfig - 69d
├── HetznerCluster/host-cluster - 69d
│ └── Cluster/host-cluster True 69d
└── KubeadmControlPlane/host-cluster-control-plane True 69d
└── Cluster/host-cluster True 69d
For me -D
looks like reverse-dependencies to me.
I see this output for my CRDs:
NAME READY STATUS AGE
ClusterStrong/clusterstrong - 6h15m
├── ClusterStrongRelease/hello-apalla-1-26-v6 True 6h15m
└── HelloClusterStrongRelease/hello-apalla-1-26-v6 - 6h15m
ClusterStrong/clusterstrong - 6h15m
├── ClusterStrongRelease/hello-apalla-1-26-v6 True 6h15m
└── HelloClusterStrongRelease/hello-apalla-1-26-v6 - 6h15m
├── HelloNodeImageRelease/hello-apalla-1-26-controlplaneamd64cloud-v5 - 6h15m
└── HelloNodeImageRelease/hello-apalla-1-26-workeramd64cloud-v5 - ly fetched new release tag hello-apalla-1-26-v6 29m
├── HelloNodeImageRelease/hello-apalla-1-26-controlplaneamd64cloud-v5 - 6h15m
└── HelloNodeImageRelease/hello-apalla-1-26-workeramd64cloud-v5 -
For some CRDs the Ready column is "True", but for some I see only "-".
If I use kubectl describe
I see that the Status.Ready is true (a non optional boolean).
Why does linage show "-" instead of "True"?
I have an event with a long text from time to time:
│ ├── Event/test-dfkhje-7wnxg.177a0a977f4c6837 - ControlPlaneUnhealthy: Waiting for control plane to pass preflight checks to continue reconciliation: Machine test-dfkhje-7wnxg-6snkf reports EtcdMemberHealthy condition is unknown (Failed to connect to the etcd pod on the test-dfkhje-control-plane-qhfkf-sszhr node: could not establish a connection to any etcd node: unable to create etcd client: context deadline exceeded) (x11) 5m15s
Since this means the whole column has this width, it has this drawback.
I can see it without line breaks by using a tiny font on the console (ctrl minus):
But as soon as I use a bigger font, the lines are ugly, because the age (last column) gets wrapped to the next line:
Feature request: break text if too long.
I scanned it in my cluster and a lot of cves came up in it
I removed them and also added it to build standalone binaries in the git action for amd and arm
I have my own fork if anyone needs it till its merged:
https://github.com/Avi-Robusta/kube-lineage/releases/tag/v2.0.2
Hey @tohjustin 👋 :)
I think I've experienced a bug and hope this report helps improving your wonderful tool.
Please let me know if you want more info or something else!
I've installed package-operator which brings its own CRDs which are strictly organized in a hierarchy.
After installation of the operator [1], there is a tree of objects, glued together by ownerReferences
that looks like this:
ClusterPackage/package-operator
-> ClusterObjectDeployment/package-operator
-> ClusterObjectSet/package-operator-$hash
-> Actual kubernetes objects
But some object relations are missing from kubectl-lineage's output. This is the output for kubectl lineage clusterpackage package-operator
:
NAME READY STATUS AGE
ClusterPackage/package-operator - 3m35s
└── ClusterObjectDeployment/package-operator - 3m34s
└── ClusterObjectSet/package-operator-56496479f6 - 3m33s
├── ClusterRole/package-operator-remote-phase-manager - 3m17s
├── ClusterRoleBinding/package-operator - 3m44s
├── CustomResourceDefinition/clusterobjectdeployments.package-operator.run - 3m37s
├── CustomResourceDefinition/clusterobjectsetphases.package-operator.run - 3m37s
├── CustomResourceDefinition/clusterobjectsets.package-operator.run - 3m37s
├── CustomResourceDefinition/clusterobjectslice.package-operator.run - 3m37s
├── CustomResourceDefinition/clusterobjecttemplates.package-operator.run - 3m37s
├── CustomResourceDefinition/clusterpackages.package-operator.run - 3m37s
├── CustomResourceDefinition/objectdeployments.package-operator.run - 3m37s
├── CustomResourceDefinition/objectsetphases.package-operator.run - 3m37s
├── CustomResourceDefinition/objectsets.package-operator.run - 3m37s
├── CustomResourceDefinition/objectslice.package-operator.run - 3m37s
├── CustomResourceDefinition/objecttemplates.package-operator.run - 3m37s
├── CustomResourceDefinition/packages.package-operator.run - 3m37s
└── Namespace/package-operator-system - 4m22s
I know that there is a missing ServiceAccount which I can reverse query for its dependencies with kubectl lineage -D -n package-operator-system ServiceAccount/package-operator
:
NAMESPACE NAME READY STATUS AGE
package-operator-system ServiceAccount/package-operator - 5m31s
├── ClusterObjectSet/package-operator-56496479f6 - 5m20s
│ └── ClusterObjectDeployment/package-operator - 5m21s
│ └── ClusterPackage/package-operator - 5m22s
├── ClusterRoleBinding/package-operator - 5m31s
│ ├── ClusterObjectSet/package-operator-56496479f6 - 5m20s
│ └── ClusterRole/cluster-admin - 6m56s
├── ClusterRoleBinding/system:basic-user - 6m56s
│ └── ClusterRole/system:basic-user - 6m56s
├── ClusterRoleBinding/system:discovery - 6m56s
│ └── ClusterRole/system:discovery - 6m56s
├── ClusterRoleBinding/system:public-info-viewer - 6m56s
│ └── ClusterRole/system:public-info-viewer - 6m56s
└── ClusterRoleBinding/system:service-account-issuer-discovery - 6m56s
└── ClusterRole/system:service-account-issuer-discovery - 6m56s
and also a deployment kubectl lineage -D -n package-operator-system Deployment/package-operator-manager
:
NAMESPACE NAME READY STATUS AGE
package-operator-system Deployment/package-operator-manager 1/1 11m
└── ClusterObjectSet/package-operator-56496479f6 - 11m
└── ClusterObjectDeployment/package-operator - 11m
└── ClusterPackage/package-operator - 11m
I'll link the Package
sources for reference [2]. The full list of missing dependent objects should be:
All objects have proper ownerReferences
set up. I've tried to include all relevant object manifest in the attached dump. [3]
[1]
kubectl apply -f https://github.com/package-operator/package-operator/releases/download/v1.6.5/self-bootstrap-job.yaml
[2] https://github.com/package-operator/package-operator/tree/v1.6.6/config/packages/package-operator
[3] package-operator-objectdump.tar.gz
Similar issue fixed in helm: helm/helm#6361
i love the plugin and use it alot! the one issue i have is that when running this on a long living object which either it or dependent objects have lots of historical events, the output is unclear and an event can and very often is tansient (for example waiting for PV etc.).
is it possible to have a flag that would allow filtering out resources shown in the tree something like:
kubectl lineage deployment/demo-app --exclude=events
or even one that would be specific to events:
kubectl lineage deployment/demo-app --exclude-events=true
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.