用 KRAWL 脚本来识别 Kubernetes Pod 和容器中的错误。
当你使用 Kubernetes 运行容器时,你通常会发现它们堆积在一起。这是设计使然。它是容器的优点之一:每当需要新的容器时,它们启动成本都很低。你可以使用前端工具(如 OpenShift 或 OKD)来管理 Pod 和容器。这些工具使可视化设置变得容易,并且它具有一组丰富的用于快速交互的命令。
如果管理容器的平台不符合你的要求,你也可以仅使用 Kubernetes 工具链获取这些信息,但这需要大量命令才能全面了解复杂环境。出于这个原因,我编写了 KRAWL,这是一个简单的脚本,可用于扫描 Kubernetes 集群命名空间下的 Pod 和容器,并在发现任何事件时,显示事件的输出。它也可用作为 Kubernetes 插件使用。这是获取大量有用信息的快速简便方法。
先决条件
- 必须安装
kubectl
。 - 集群的 kubeconfig 配置必须在它的默认位置(
$HOME/.kube/config
)或已被导出到环境变量(KUBECONFIG=/path/to/kubeconfig
)。
使用
$ ./krawl
脚本
#!/bin/bash
# AUTHOR: Abhishek Tamrakar
# EMAIL: abhishek.tamrakar08@gmail.com
# LICENSE: Copyright (C) 2018 Abhishek Tamrakar
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
##
#define the variables
KUBE_LOC=~/.kube/config
#define variables
KUBECTL=$(which kubectl)
GET=$(which egrep)
AWK=$(which awk)
red=$(tput setaf 1)
normal=$(tput sgr0)
# define functions
# wrapper for printing info messages
info()
{
printf '\n\e[34m%s\e[m: %s\n' "INFO" "$@"
}
# cleanup when all done
cleanup()
{
rm -f results.csv
}
# just check if the command we are about to call is available
checkcmd()
{
#check if command exists
local cmd=$1
if [ -z "${!cmd}" ]
then
printf '\n\e[31m%s\e[m: %s\n' "ERROR" "check if $1 is installed !!!"
exit 1
fi
}
get_namespaces()
{
#get namespaces
namespaces=( \
$($KUBECTL get namespaces --ignore-not-found=true | \
$AWK '/Active/ {print $1}' \
ORS=" ") \
)
#exit if namespaces are not found
if [ ${#namespaces[@]} -eq 0 ]
then
printf '\n\e[31m%s\e[m: %s\n' "ERROR" "No namespaces found!!"
exit 1
fi
}
#get events for pods in errored state
get_pod_events()
{
printf '\n'
if [ ${#ERRORED[@]} -ne 0 ]
then
info "${#ERRORED[@]} errored pods found."
for CULPRIT in ${ERRORED[@]}
do
info "POD: $CULPRIT"
info
$KUBECTL get events \
--field-selector=involvedObject.name=$CULPRIT \
-ocustom-columns=LASTSEEN:.lastTimestamp,REASON:.reason,MESSAGE:.message \
--all-namespaces \
--ignore-not-found=true
done
else
info "0 pods with errored events found."
fi
}
#define the logic
get_pod_errors()
{
printf "%s %s %s\n" "NAMESPACE,POD_NAME,CONTAINER_NAME,ERRORS" > results.csv
printf "%s %s %s\n" "---------,--------,--------------,------" >> results.csv
for NAMESPACE in ${namespaces[@]}
do
while IFS=' ' read -r POD CONTAINERS
do
for CONTAINER in ${CONTAINERS//,/ }
do
COUNT=$($KUBECTL logs --since=1h --tail=20 $POD -c $CONTAINER -n $NAMESPACE 2>/dev/null| \
$GET -c '^error|Error|ERROR|Warn|WARN')
if [ $COUNT -gt 0 ]
then
STATE=("${STATE[@]}" "$NAMESPACE,$POD,$CONTAINER,$COUNT")
else
#catch pods in errored state
ERRORED=($($KUBECTL get pods -n $NAMESPACE --no-headers=true | \
awk '!/Running/ {print $1}' ORS=" ") \
)
fi
done
done results.csv
STATE=()
}
#define usage for seprate run
usage()
{
cat