Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/kubesphere/kubeeye

KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.
https://github.com/kubesphere/kubeeye

cluster-analysis k8s kubeeye kubernetes observability

Last synced: 7 days ago
JSON representation

KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.

Awesome Lists containing this project

README

        


> English | [中文](README_zh.md)

KubeEye is a cloud-native cluster inspection tool specifically designed for Kubernetes, capable of identifying issues and risks within the Kubernetes cluster based on custom rules.

## QuickStart

### Installation
Download the installation package from [Releases](https://github.com/kubesphere/kubeeye/releases), which includes Helm chart, demo rules, and images for offline installation.

```shell
VERSION=v1.0.0

wget https://github.com/kubesphere/kubeeye/releases/download/${VERSION}/kubeeye-offline-${VERSION}.tar.gz

tar -zxvf kubeeye-offline-${VERSION}.tar.gz

cd kubeeye-offline-${VERSION}

# offline installation, please import the images in the 'images' folder into the local container repository yourself and modify the images repo in `chart/kubeeye/values.yaml`.

helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespace

```

### Usage

#### Import Inspect Rules

> The `rule` directory in the installation package provides demo rules, which can be customized according to specific needs.

> Notice: Prometheus rules need to have the endpoint of Prometheus set in advance.

```shell
kubectl apply -f rule
```

#### Create Inspect Plan

Configure inspection plans on demand.
```shell
cat > plan.yaml << EOF
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectPlan
metadata:
name: inspectplan
spec:
# The planned time for executing inspections only supports cron expressions. For example, '*/30 * * * ?' means that the inspection will be performed every 30 minutes.'
# If only a single inspection is required, then remove this parameter.
schedule: "*/30 * * * ?"
# The maximum number of retained inspection results, if not filled in, will retain all.
maxTasks: 10
# Should the inspection plan be paused, applicable only to periodic inspections, true or false (default is false).
suspend: false
# Inspection timeout, default 10 minutes.
timeout: 10m
# Inspection rule list, used to associate corresponding inspection rules, please fill in the inspectRule name.
# Execute `kubectl get inspectrule` to view the inspection rules in the cluster.
ruleNames:
- name: inspect-rule-filter-file
- name: inspect-rule-node-info
- name: inspect-rule-node
- name: inspect-rule-sbnormalpodstatus
- name: inspect-rule-deployment
- name: inspect-rule-sysctl
- name: inspect-rule-prometheus
- name: inspect-rule-filechange
- name: inspect-rule-systemd
# nodeName: master
# nodeSelector:
# node-role.kubernetes.io/master: ""
# Multi-cluster inspection (currently only supports multi-cluster inspection in KubeSphere)
# clusterName:
# - name: host
EOF

kubectl apply -f plan.yaml
```

#### Obtaining Inspection Reports
##### Check Inspection Results
```shell
# View the name of the inspection result for inspection report download.
kubectl get inspectresult
```
###### Command
```shell
## Get the address and port of kubeeye-apiserver service.
kubectl get svc -n kubeeye-system kubeeye-apiserver -o custom-columns=CLUSTER-IP:.spec.clusterIP,PORT:.spec.ports[*].port

## Download the inspection report, and please replace <> with the actual information obtained from the environment.
curl http://:9090/kapis/kubeeye.kubesphere.io/v1alpha2/inspectresults/\?type\=html -o inspectReport.html

## After downloading, you can use a browser to open the HTML file for viewing.
```
###### Web Console
```shell
## Create a nodePort type svc for kubeeye-apiserver.
kubectl -n kubeeye-system expose deploy kubeeye-apiserver --port=9090 --type=NodePort --name=ke-apiserver-node-port

## Enter the inspection report URL in the browser to view, and remember to replace <> with the actual information obtained from the environment.
http://:/kapis/kubeeye.kubesphere.io/v1alpha2/inspectresults/?type=html
```
## Supported Rules List
* OPA
* PromQL
* File Change
* Kernel Parameter Configuration
* Systemd Service Status
* Node Basic Info
* File Content Inspection
* Service Connectivity