Add example of ConfigMap monitoring #131
Comments
|
There was a similar question: #22 The example of a config: P.S. I think it is a good idea for a new example! |
diafour
added
enhancement
|
Hi @diafour Thanks for marking this as good first issue . I would love to work on this and file a PR. let me know what exactly you want me to do ? A bit more description will be helpful . |
|
This issue is to create a new example. There are examples to monitor Pods, Namespaces, Secrets: I have several scenarios in mind:
|
|
Config maps can be monitored the same way as in pods example: oper.yml ---
apiVersion: v1
kind: Namespace
metadata:
name: oper
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: oper
namespace: oper
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: oper
namespace: oper
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "watch", "list"]
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: oper
namespace: oper
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: oper
subjects:
- kind: ServiceAccount
name: oper
namespace: oper
---
apiVersion: v1
kind: ConfigMap
metadata:
name: oper
namespace: oper
data:
entrypoint.sh: |
#!/usr/bin/env bash
# https://docs.microsoft.com/en-us/powershell/scripting/install/installing-powershell-core-on-linux?view=powershell-7.1#installation-via-direct-download---alpine-39-and-310
apk add --no-cache ca-certificates less ncurses-terminfo-base krb5-libs libgcc libintl libssl1.1 libstdc++ tzdata userspace-rcu zlib icu-libs curl
apk -X https://dl-cdn.alpinelinux.org/alpine/edge/main add --no-cache lttng-ust
curl -s -L https://github.com/PowerShell/PowerShell/releases/download/v7.1.3/powershell-7.1.3-linux-alpine-x64.tar.gz -o /tmp/powershell.tar.gz
mkdir -p /opt/microsoft/powershell/7
tar zxf /tmp/powershell.tar.gz -C /opt/microsoft/powershell/7
chmod +x /opt/microsoft/powershell/7/pwsh
ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh
# https://github.com/flant/shell-operator/blob/master/Dockerfile#L40
exec /sbin/tini -- /shell-operator start
oper.ps1: |
#!/usr/bin/env pwsh
if ($args[0] -eq '--config') {
Write-Host '
configVersion: v1
kubernetes:
- apiVersion: v1
kind: Pod
executeHookOnEvent: ["Added"]
- apiVersion: v1
kind: ConfigMap
executeHookOnEvent: ["Added", "Deleted", "Modified"]
'
} else {
$items = Get-Content $env:BINDING_CONTEXT_PATH | ConvertFrom-Json
foreach($item in $items) {
$event = $item.watchEvent
$kind = $item.object.kind
$name = $item.object.metadata.name
Write-Host "$kind $name $event"
}
}
---
apiVersion: v1
kind: Pod
metadata:
name: oper
namespace: oper
spec:
serviceAccountName: oper
volumes:
- name: oper
configMap:
name: oper
defaultMode: 0755
containers:
- name: oper
image: flant/shell-operator:latest
command:
- /entrypoint.sh
imagePullPolicy: IfNotPresent
volumeMounts:
- name: oper
subPath: oper.ps1
mountPath: /hooks/oper.ps1
- name: oper
subPath: entrypoint.sh
mountPath: /entrypoint.shNow you can run it: kubectl apply -f oper.ymlAnd watch what will happen: kubectl -n oper logs oper | grep '^{' | grep stdout | jq -r ".msg"
ConfigMap ingress-controller-leader-nginx Modified
ConfigMap hello Added
ConfigMap ingress-controller-leader-nginx Modified
ConfigMap ingress-controller-leader-nginx Modified
Pod demo-1625304780-pp66g Added
ConfigMap ingress-controller-leader-nginx Modified
ConfigMap ingress-controller-leader-nginx Modified
ConfigMap hello DeletedTo cleanup, just delete namespace, e.g. |
monitored configMaps too.
{ "configVersion":"v1", "kubernetes":[ { "apiVersion": "events.k8s.io/v1beta1", "kind": "Event", "namespace": { "nameSelector": { "matchNames": ["example-monitor-events"] } }, "fieldSelector": { "matchExpressions": [ { "field": "metadata.namespace", "operator": "Equals", "value": "example-monitor-events" } ] } } ] }monitored only activity of pods
The text was updated successfully, but these errors were encountered: