kaudit

Auditing tool for resources in Kubernetes.

App Def Working Group

The App Def working group has develop a guide line for labels and annotations here.

This project attempts to do two things:

JSON Spec

The app-def.json file in this repo defines the JSON Schema for labels and annotations.

Audit Tool

The kaudit tool accepts a JSON Schema config file and validates all objects in the workload API adhere adhere to the schema.

Usage

Installation

$ go get github.com/runyontr/kaudit

Deploy Samples

Execute the following from the command line to deploy two different deployments. The deployment foo are configured with the appropriate labels and annotations, where bar is missing all of the labels and annotations

Kubernetes 1.9.0+

$ kubectl apply -f ./deployments/1.9.0/

Kubernetes <1.9.0

$ kubectl apply -f ./deployments/1.8.0/

Validate

Validate there are two deployments

$ kubectl get deployments
NAME             DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
bar-deployment   3         3         3            3           35m
foo-deployment   1         1         1            1           36m

running the kaudit command should demonstrate which labels and annotations are missing from which applications:

$ kaudit --spec app-def.json

deployments: 
bar-deployment:	Errors:
	 - app.kubernetes.io/name: app.kubernetes.io/name is required
	 - app.kubernetes.io/version: app.kubernetes.io/version is required
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
foo-deployment:	Ok!
replicasets: 
bar-deployment-589f55cb9d:	Errors:
	 - app.kubernetes.io/name: app.kubernetes.io/name is required
	 - app.kubernetes.io/version: app.kubernetes.io/version is required
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
foo-deployment-57fc95945b:	Errors:
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
foo-deployment-744646dc5d:	Ok!
exit status 7

To compare against v1 resources (e.g. services, pods) use the following:

$ kaudit --spec app-def.json --version v1


pods: 
bar-deployment-589f55cb9d-qftz2:	Errors:
	 - app.kubernetes.io/name: app.kubernetes.io/name is required
	 - app.kubernetes.io/version: app.kubernetes.io/version is required
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
bar-deployment-589f55cb9d-t5sm5:	Errors:
	 - app.kubernetes.io/name: app.kubernetes.io/name is required
	 - app.kubernetes.io/version: app.kubernetes.io/version is required
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
bar-deployment-589f55cb9d-xdcms:	Errors:
	 - app.kubernetes.io/name: app.kubernetes.io/name is required
	 - app.kubernetes.io/version: app.kubernetes.io/version is required
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
foo-deployment-744646dc5d-z25n5:	Ok!
services: 
kubernetes:	Errors:
	 - app.kubernetes.io/name: app.kubernetes.io/name is required
	 - app.kubernetes.io/version: app.kubernetes.io/version is required
	 - app.kubernetes.io/deploy-manager: app.kubernetes.io/deploy-manager is required
exit status 12

0x6b7966 / kaudit-1 Goto Github PK

kaudit-1's Introduction

kaudit

App Def Working Group

JSON Spec

Audit Tool

Usage

Installation

Deploy Samples

Kubernetes 1.9.0+

Kubernetes <1.9.0

Validate

kaudit-1's People

Contributors

Watchers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs