From 5c2e49cb9fe68f98e0df10b3b27bef7e18c6e953 Mon Sep 17 00:00:00 2001 From: Xingyu Wang Date: Thu, 27 Feb 2020 10:29:42 +0800 Subject: [PATCH] PRF @geekpi --- ...0 Scan Kubernetes for errors with KRAWL.md | 186 +++++++++--------- 1 file changed, 92 insertions(+), 94 deletions(-) diff --git a/translated/tech/20200210 Scan Kubernetes for errors with KRAWL.md b/translated/tech/20200210 Scan Kubernetes for errors with KRAWL.md index dae3043217..ef33fd24c8 100644 --- a/translated/tech/20200210 Scan Kubernetes for errors with KRAWL.md +++ b/translated/tech/20200210 Scan Kubernetes for errors with KRAWL.md @@ -1,6 +1,6 @@ [#]: collector: (lujun9972) [#]: translator: (geekpi) -[#]: reviewer: ( ) +[#]: reviewer: (wxy) [#]: publisher: ( ) [#]: url: ( ) [#]: subject: (Scan Kubernetes for errors with KRAWL) @@ -9,25 +9,25 @@ 使用 KRAWL 扫描 Kubernetes 错误 ====== -用 KRAWL 脚本来标识 Kubernetes pod 和容器中的错误。 + +> 用 KRAWL 脚本来识别 Kubernetes Pod 和容器中的错误。 + ![Ship captain sailing the Kubernetes seas][1] -当你使用 Kubernetes 运行容器时,你通常会发现它们堆积。这是设计使然。它是容器的优点之一:每当需要新的容器时,它们启动成本都很低。你可以使用前端(如 OpenShift 或 OKD)来管理 pod 和容器。这些工具使可视化设置变得容易,并且它具有一组丰富的用于快速交互的命令。 +当你使用 Kubernetes 运行容器时,你通常会发现它们堆积在一起。这是设计使然。它是容器的优点之一:每当需要新的容器时,它们启动成本都很低。你可以使用前端工具(如 OpenShift 或 OKD)来管理 Pod 和容器。这些工具使可视化设置变得容易,并且它具有一组丰富的用于快速交互的命令。 -如果管理容器的平台不符合你的要求,你也可以仅使用 Kubernetes 工具链获取这些信息,但这需要大量命令才能全面了解复杂环境。出于这个原因,我编写了 [KRAWL][2],这是一个简单的脚本,可用于扫描 Kubernetes 集群命名空间下的 pod 和容器,并在发现任何事件时,显示事件的输出。它也可用作为 Kubernetes 插件使用。这是获取大量有用信息的快速简便方法。 - -### 预先条件 - - * 必须安装 kubectl。 - * 集群的 kubeconfig 配置必须在它的默认位置 ($HOME/.kube/config) 或已被导出。 +如果管理容器的平台不符合你的要求,你也可以仅使用 Kubernetes 工具链获取这些信息,但这需要大量命令才能全面了解复杂环境。出于这个原因,我编写了 [KRAWL][2],这是一个简单的脚本,可用于扫描 Kubernetes 集群命名空间下的 Pod 和容器,并在发现任何事件时,显示事件的输出。它也可用作为 Kubernetes 插件使用。这是获取大量有用信息的快速简便方法。 +### 先决条件 + * 必须安装 `kubectl`。 + * 集群的 kubeconfig 配置必须在它的默认位置(`$HOME/.kube/config`)或已被导出到环境变量(`KUBECONFIG=/path/to/kubeconfig`)。 ### 使用 ``` -`$ ./krawl` +$ ./krawl ``` ![KRAWL script][3] @@ -38,20 +38,20 @@ ``` #!/bin/bash # AUTHOR: Abhishek Tamrakar -# EMAIL: [abhishek.tamrakar08@gmail.com][4] +# EMAIL: abhishek.tamrakar08@gmail.com # LICENSE: Copyright (C) 2018 Abhishek Tamrakar # -#  Licensed under the Apache License, Version 2.0 (the "License"); -#  you may not use this file except in compliance with the License. -#  You may obtain a copy of the License at +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # -#       +# http://www.apache.org/licenses/LICENSE-2.0 # -#   Unless required by applicable law or agreed to in writing, software -#   distributed under the License is distributed on an "AS IS" BASIS, -#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -#   See the License for the specific language governing permissions and -#   limitations under the License. +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. ## #define the variables KUBE_LOC=~/.kube/config @@ -66,102 +66,102 @@ normal=$(tput sgr0) # wrapper for printing info messages info() { -  printf '\n\e[34m%s\e[m: %s\n' "INFO" "$@" + printf '\n\e[34m%s\e[m: %s\n' "INFO" "$@" } # cleanup when all done cleanup() { -  rm -f results.csv + rm -f results.csv } # just check if the command we are about to call is available checkcmd() { -  #check if command exists -  local cmd=$1 -  if [ -z "${!cmd}" ] -  then -    printf '\n\e[31m%s\e[m: %s\n' "ERROR"  "check if $1 is installed !!!" -    exit 1 -  fi + #check if command exists + local cmd=$1 + if [ -z "${!cmd}" ] + then + printf '\n\e[31m%s\e[m: %s\n' "ERROR" "check if $1 is installed !!!" + exit 1 + fi } get_namespaces() { -  #get namespaces -  namespaces=( \ -          $($KUBECTL get namespaces --ignore-not-found=true | \ -          $AWK '/Active/ {print $1}' \ -          ORS=" ") \ -          ) + #get namespaces + namespaces=( \ + $($KUBECTL get namespaces --ignore-not-found=true | \ + $AWK '/Active/ {print $1}' \ + ORS=" ") \ + ) #exit if namespaces are not found if [ ${#namespaces[@]} -eq 0 ] then -  printf '\n\e[31m%s\e[m: %s\n' "ERROR"  "No namespaces found!!" -  exit 1 + printf '\n\e[31m%s\e[m: %s\n' "ERROR" "No namespaces found!!" + exit 1 fi } #get events for pods in errored state get_pod_events() { -  printf '\n' -  if [ ${#ERRORED[@]} -ne 0 ] -  then -      info "${#ERRORED[@]} errored pods found." -      for CULPRIT in ${ERRORED[@]} -      do -        info "POD: $CULPRIT" -        info -        $KUBECTL get events \ -        --field-selector=involvedObject.name=$CULPRIT \ -        -ocustom-columns=LASTSEEN:.lastTimestamp,REASON:.reason,MESSAGE:.message \ -        --all-namespaces \ -        --ignore-not-found=true -      done -  else -      info "0 pods with errored events found." -  fi + printf '\n' + if [ ${#ERRORED[@]} -ne 0 ] + then + info "${#ERRORED[@]} errored pods found." + for CULPRIT in ${ERRORED[@]} + do + info "POD: $CULPRIT" + info + $KUBECTL get events \ + --field-selector=involvedObject.name=$CULPRIT \ + -ocustom-columns=LASTSEEN:.lastTimestamp,REASON:.reason,MESSAGE:.message \ + --all-namespaces \ + --ignore-not-found=true + done + else + info "0 pods with errored events found." + fi } #define the logic get_pod_errors() { -  printf "%s %s %s\n" "NAMESPACE,POD_NAME,CONTAINER_NAME,ERRORS" > results.csv -  printf "%s %s %s\n" "---------,--------,--------------,------" >> results.csv -  for NAMESPACE in ${namespaces[@]} -  do -    while IFS=' ' read -r POD CONTAINERS -    do -      for CONTAINER in ${CONTAINERS//,/ } -      do -        COUNT=$($KUBECTL logs --since=1h --tail=20 $POD -c $CONTAINER -n $NAMESPACE 2>/dev/null| \ -        $GET -c '^error|Error|ERROR|Warn|WARN') -        if [ $COUNT -gt 0 ] -        then -            STATE=("${STATE[@]}" "$NAMESPACE,$POD,$CONTAINER,$COUNT") -        else -        #catch pods in errored state -            ERRORED=($($KUBECTL get pods -n $NAMESPACE --no-headers=true | \ -                awk '!/Running/ {print $1}' ORS=" ") \ -                ) -        fi -      done -    done< <($KUBECTL get pods -n $NAMESPACE --ignore-not-found=true -o=custom-columns=NAME:.metadata.name,CONTAINERS:.spec.containers[*].name --no-headers=true) -  done -  printf "%s\n" ${STATE[@]:-None} >> results.csv -  STATE=() + printf "%s %s %s\n" "NAMESPACE,POD_NAME,CONTAINER_NAME,ERRORS" > results.csv + printf "%s %s %s\n" "---------,--------,--------------,------" >> results.csv + for NAMESPACE in ${namespaces[@]} + do + while IFS=' ' read -r POD CONTAINERS + do + for CONTAINER in ${CONTAINERS//,/ } + do + COUNT=$($KUBECTL logs --since=1h --tail=20 $POD -c $CONTAINER -n $NAMESPACE 2>/dev/null| \ + $GET -c '^error|Error|ERROR|Warn|WARN') + if [ $COUNT -gt 0 ] + then + STATE=("${STATE[@]}" "$NAMESPACE,$POD,$CONTAINER,$COUNT") + else + #catch pods in errored state + ERRORED=($($KUBECTL get pods -n $NAMESPACE --no-headers=true | \ + awk '!/Running/ {print $1}' ORS=" ") \ + ) + fi + done + done< <($KUBECTL get pods -n $NAMESPACE --ignore-not-found=true -o=custom-columns=NAME:.metadata.name,CONTAINERS:.spec.containers[*].name --no-headers=true) + done + printf "%s\n" ${STATE[@]:-None} >> results.csv + STATE=() } #define usage for seprate run usage() { -cat << EOF +cat << EOF -  USAGE: "${0##*/} </path/to/kube-config>(optional)" + USAGE: "${0##*/} (optional)" -  This program is a free software under the terms of Apache 2.0 License. -  COPYRIGHT (C) 2018 Abhishek Tamrakar + This program is a free software under the terms of Apache 2.0 License. + COPYRIGHT (C) 2018 Abhishek Tamrakar EOF exit 0 @@ -173,17 +173,17 @@ checkcmd KUBECTL # #set the ground if [ $# -lt 1 ]; then -  if [ ! -e ${KUBE_LOC} -a ! -s ${KUBE_LOC} ] -  then -    info "A readable kube config location is required!!" -    usage -  fi + if [ ! -e ${KUBE_LOC} -a ! -s ${KUBE_LOC} ] + then + info "A readable kube config location is required!!" + usage + fi elif [ $# -eq 1 ] then -  export KUBECONFIG=$1 + export KUBECONFIG=$1 elif [ $# -gt 1 ] then -  usage + usage fi #play get_namespaces @@ -191,7 +191,7 @@ get_pod_errors printf '\n%40s\n' 'KRAWL' printf '%s\n' '---------------------------------------------------------------------------------' -printf '%s\n' '  Krawl is a command line utility to scan pods and prints name of errored pods   ' +printf '%s\n' ' Krawl is a command line utility to scan pods and prints name of errored pods ' printf '%s\n\n' ' +and containers within. To use it as kubernetes plugin, please check their page ' printf '%s\n' '=================================================================================' @@ -199,9 +199,7 @@ cat results.csv | sed 's/,/,|/g'| column -s ',' -t get_pod_events ``` -* * * - -_此文最初发布在 [KRAWL 的 GitHub 仓库][2]下的 README 中,并被或许重用。_ +此文最初发布在 [KRAWL 的 GitHub 仓库][2]下的 README 中,并被或许重用。 -------------------------------------------------------------------------------- @@ -210,7 +208,7 @@ via: https://opensource.com/article/20/2/kubernetes-scanner 作者:[Abhishek Tamrakar][a] 选题:[lujun9972][b] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出