https://github.com/kubesphere/kubeeye

KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.
https://github.com/kubesphere/kubeeye

cluster-analysis k8s kubeeye kubernetes observability

Last synced: 4 days ago
JSON representation

KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.

• Host: GitHub
• URL: https://github.com/kubesphere/kubeeye
• Owner: kubesphere
• License: apache-2.0
• Created: 2020-11-07T18:12:40.000Z (almost 4 years ago)
• Default Branch: release-1.0
• Last Pushed: 2024-04-10T07:55:35.000Z (7 months ago)
• Last Synced: 2024-04-13T21:43:10.235Z (7 months ago)
• Topics: cluster-analysis, k8s, kubeeye, kubernetes, observability
• Language: Go
• Homepage: https://kubesphere.io
• Size: 204 MB
• Stars: 783
• Watchers: 17
• Forks: 130
• Open Issues: 25
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Roadmap: docs/roadmap.md

Awesome Lists containing this project

• awesome-observability - KubeEye - KubeEye aims to find various problems on Kubernetes, such as application misconfiguration(using Polaris), cluster components unhealthy and node problems(using Node-Problem-Detector). (3. Collect / Events & Problems)
• go-awesome - KubeEye - detects various issues on Kubernetes through configuration rules (Open source library / Cluster Management)
• awesome-hacking-lists - kubesphere/kubeeye - KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems. (Go)
• awesome-ops - kubesphere/kubeeye - 2.0|804|2020-11-07|2024-09-25 | KubeEye 是为 Kubernetes 设计的巡检工具，用于发现 Kubernetes 资源（使用 OPA ）、集群组件、集群节点（使用Node-Problem-Detector）等配置是否符合最佳实践，对于不符合最佳实践的，将给出修改建议。 | (K8S-Tools)

README

        










> English | [中文](README_zh.md)

KubeEye is a cloud-native cluster inspection tool specifically designed for Kubernetes, capable of identifying issues and risks within the Kubernetes cluster based on custom rules.

## QuickStart

### Installation

Download the installation package from [Releases](https://github.com/kubesphere/kubeeye/releases), which includes Helm chart, demo rules, and images for offline installation.

```shell

VERSION=v1.0.0

wget https://github.com/kubesphere/kubeeye/releases/download/${VERSION}/kubeeye-offline-${VERSION}.tar.gz

tar -zxvf kubeeye-offline-${VERSION}.tar.gz

cd kubeeye-offline-${VERSION}

# offline installation, please import the images in the 'images' folder into the local container repository yourself and modify the images repo in `chart/kubeeye/values.yaml`.

helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespace

```

### Usage

#### Import Inspect Rules

   

> The `rule` directory in the installation package provides demo rules, which can be customized according to specific needs.

> Notice： Prometheus rules need to have the endpoint of Prometheus set in advance.

```shell

kubectl apply -f rule

```

#### Create Inspect Plan

Configure inspection plans on demand.

```shell

cat > plan.yaml << EOF

apiVersion: kubeeye.kubesphere.io/v1alpha2

kind: InspectPlan

metadata:

  name: inspectplan

spec:

  # The planned time for executing inspections only supports cron expressions. For example, '*/30 * * * ?' means that the inspection will be performed every 30 minutes.'

  # If only a single inspection is required, then remove this parameter.

  schedule: "*/30 * * * ?"

  # The maximum number of retained inspection results, if not filled in, will retain all.

  maxTasks: 10 

  # Should the inspection plan be paused, applicable only to periodic inspections, true or false (default is false).

  suspend: false

  # Inspection timeout, default 10 minutes.

  timeout: 10m

  # Inspection rule list, used to associate corresponding inspection rules, please fill in the inspectRule name.

  # Execute `kubectl get inspectrule` to view the inspection rules in the cluster.

  ruleNames:

    - name: inspect-rule-filter-file

    - name: inspect-rule-node-info

    - name: inspect-rule-node

    - name: inspect-rule-sbnormalpodstatus 

    - name: inspect-rule-deployment

    - name: inspect-rule-sysctl

    - name: inspect-rule-prometheus

    - name: inspect-rule-filechange

    - name: inspect-rule-systemd

  # nodeName: master

  # nodeSelector:

  #   node-role.kubernetes.io/master: ""        

  # Multi-cluster inspection (currently only supports multi-cluster inspection in KubeSphere)

  # clusterName: 

  # - name: host

EOF

kubectl apply -f plan.yaml

```

#### Obtaining Inspection Reports

##### Check Inspection Results

```shell

# View the name of the inspection result for inspection report download.

kubectl get inspectresult

```

###### Command

```shell

## Get the address and port of kubeeye-apiserver service.

kubectl get svc -n kubeeye-system kubeeye-apiserver -o custom-columns=CLUSTER-IP:.spec.clusterIP,PORT:.spec.ports[*].port

## Download the inspection report, and please replace <> with the actual information obtained from the environment.

curl http://:9090/kapis/kubeeye.kubesphere.io/v1alpha2/inspectresults/\?type\=html -o inspectReport.html

## After downloading, you can use a browser to open the HTML file for viewing.

```

###### Web Console

```shell

## Create a nodePort type svc for kubeeye-apiserver.

kubectl -n kubeeye-system expose deploy kubeeye-apiserver --port=9090 --type=NodePort --name=ke-apiserver-node-port

## Enter the inspection report URL in the browser to view, and remember to replace <> with the actual information obtained from the environment.

http://:/kapis/kubeeye.kubesphere.io/v1alpha2/inspectresults/?type=html

```

## Supported Rules List

* OPA 

* PromQL 

* File Change

* Kernel Parameter Configuration

* Systemd Service Status

* Node Basic Info

* File Content Inspection

* Service Connectivity