用 KRAWL 脚本来识别 Kubernetes Pod 和容器中的错误。

当你使用 Kubernetes 运行容器时，你通常会发现它们堆积在一起。这是设计使然。它是容器的优点之一：每当需要新的容器时，它们启动成本都很低。你可以使用前端工具（如 OpenShift 或 OKD）来管理 Pod 和容器。这些工具使可视化设置变得容易，并且它具有一组丰富的用于快速交互的命令。

如果管理容器的平台不符合你的要求，你也可以仅使用 Kubernetes 工具链获取这些信息，但这需要大量命令才能全面了解复杂环境。出于这个原因，我编写了 KRAWL，这是一个简单的脚本，可用于扫描 Kubernetes 集群命名空间下的 Pod 和容器，并在发现任何事件时，显示事件的输出。它也可用作为 Kubernetes 插件使用。这是获取大量有用信息的快速简便方法。

先决条件

• 必须安装 kubectl。
• 集群的 kubeconfig 配置必须在它的默认位置（$HOME/.kube/config）或已被导出到环境变量（KUBECONFIG=/path/to/kubeconfig）。

使用

1. $ ./krawl

KRAWL script

脚本

1. #!/bin/bash
2. # AUTHOR: Abhishek Tamrakar
3. # EMAIL: abhishek.tamrakar08@gmail.com
4. # LICENSE: Copyright (C) 2018 Abhishek Tamrakar
5. #
6. # Licensed under the Apache License, Version 2.0 (the "License");
7. # you may not use this file except in compliance with the License.
8. # You may obtain a copy of the License at
9. #
10. # http://www.apache.org/licenses/LICENSE-2.0
11. #
12. # Unless required by applicable law or agreed to in writing, software
13. # distributed under the License is distributed on an "AS IS" BASIS,
14. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15. # See the License for the specific language governing permissions and
16. # limitations under the License.
17. ##
18. #define the variables
19. KUBE_LOC=~/.kube/config
20. #define variables
21. KUBECTL=$(which kubectl)
22. GET=$(which egrep)
23. AWK=$(which awk)
24. red=$(tput setaf 1)
25. normal=$(tput sgr0)
26. # define functions
27.  
28. # wrapper for printing info messages
29. info()
30. {
31. printf '\n\e[34m%s\e[m: %s\n' "INFO" "$@"
32. }
33.  
34. # cleanup when all done
35. cleanup()
36. {
37. rm -f results.csv
38. }
39.  
40. # just check if the command we are about to call is available
41. checkcmd()
42. {
43. #check if command exists
44. local cmd=$1
45. if [ -z "${!cmd}" ]
46. then
47. printf '\n\e[31m%s\e[m: %s\n' "ERROR" "check if $1 is installed !!!"
48. exit 1
49. fi
50. }
51.  
52. get_namespaces()
53. {
54. #get namespaces
55. namespaces=( \
56. $($KUBECTL get namespaces --ignore-not-found=true | \
57. $AWK '/Active/ {print $1}' \
58. ORS=" ") \
59. )
60. #exit if namespaces are not found
61. if [ ${#namespaces[@]} -eq 0 ]
62. then
63. printf '\n\e[31m%s\e[m: %s\n' "ERROR" "No namespaces found!!"
64. exit 1
65. fi
66. }
67.  
68. #get events for pods in errored state
69. get_pod_events()
70. {
71. printf '\n'
72. if [ ${#ERRORED[@]} -ne 0 ]
73. then
74. info "${#ERRORED[@]} errored pods found."
75. for CULPRIT in ${ERRORED[@]}
76. do
77. info "POD: $CULPRIT"
78. info
79. $KUBECTL get events \
80. --field-selector=involvedObject.name=$CULPRIT \
81. -ocustom-columns=LASTSEEN:.lastTimestamp,REASON:.reason,MESSAGE:.message \
82. --all-namespaces \
83. --ignore-not-found=true
84. done
85. else
86. info "0 pods with errored events found."
87. fi
88. }
89.  
90. #define the logic
91. get_pod_errors()
92. {
93. printf "%s %s %s\n" "NAMESPACE,POD_NAME,CONTAINER_NAME,ERRORS" > results.csv
94. printf "%s %s %s\n" "---------,--------,--------------,------" >> results.csv
95. for NAMESPACE in ${namespaces[@]}
96. do
97. while IFS=' ' read -r POD CONTAINERS
98. do
99. for CONTAINER in ${CONTAINERS//,/ }
100. do
101. COUNT=$($KUBECTL logs --since=1h --tail=20 $POD -c $CONTAINER -n $NAMESPACE 2>/dev/null| \
102. $GET -c '^error|Error|ERROR|Warn|WARN')
103. if [ $COUNT -gt 0 ]
104. then
105. STATE=("${STATE[@]}" "$NAMESPACE,$POD,$CONTAINER,$COUNT")
106. else
107. #catch pods in errored state
108. ERRORED=($($KUBECTL get pods -n $NAMESPACE --no-headers=true | \
109. awk '!/Running/ {print $1}' ORS=" ") \
110. )
111. fi
112. done
113. done< <($KUBECTL get pods -n $NAMESPACE --ignore-not-found=true -o=custom-columns=NAME:.metadata.name,CONTAINERS:.spec.containers[*].name --no-headers=true)
114. done
115. printf "%s\n" ${STATE[@]:-None} >> results.csv
116. STATE=()
117. }
118. #define usage for seprate run
119. usage()
120. {
121. cat << EOF
122.  
123. USAGE: "${0##*/} </path/to/kube-config>(optional)"
124.  
125. This program is a free software under the terms of Apache 2.0 License.
126. COPYRIGHT (C) 2018 Abhishek Tamrakar
127.  
128. EOF
129. exit 0
130. }
131.  
132. #check if basic commands are found
133. trap cleanup EXIT
134. checkcmd KUBECTL
135. #
136. #set the ground
137. if [ $# -lt 1 ]; then
138. if [ ! -e ${KUBE_LOC} -a ! -s ${KUBE_LOC} ]
139. then
140. info "A readable kube config location is required!!"
141. usage
142. fi
143. elif [ $# -eq 1 ]
144. then
145. export KUBECONFIG=$1
146. elif [ $# -gt 1 ]
147. then
148. usage
149. fi
150. #play
151. get_namespaces
152. get_pod_errors
153.  
154. printf '\n%40s\n' 'KRAWL'
155. printf '%s\n' '---------------------------------------------------------------------------------'
156. printf '%s\n' ' Krawl is a command line utility to scan pods and prints name of errored pods '
157. printf '%s\n\n' ' +and containers within. To use it as kubernetes plugin, please check their page '
158. printf '%s\n' '================================================================================='
159.  
160. cat results.csv | sed 's/,/,|/g'| column -s ',' -t
161. get_pod_events

此文最初发布在 KRAWL 的 GitHub 仓库下的 README 中，并被或许重用。

via: https://opensource.com/article/20/2/kubernetes-scanner