Kubernetes

The Kubernetes check performs requests on Kubernetes resources such as Pods to get the desired information.

junit.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
  name: kube-system-checks
spec:
  interval: 30
  kubernetes:
    - namespace: kube-system
      name: kube-system
      kind: Pod
      # ready: true
      # resource:
      #   labelSelector: k8s-app=kube-dns
      namespaceSelector:
        name: default
      display:
        expr: |
          dyn(results).
          map(i, i.Object).
          filter(i, !k8s.isHealthy(i)).
          map(i, "%s/%s -> %s".format([i.metadata.namespace, i.metadata.name, k8s.getHealth(i).message])).join('\n')
      test:
        expr: dyn(results).all(x, k8s.isHealthy(x))

Field	Description	Scheme
`kind*`	Kubernetes object kind	`string`
`name*`	Name of the check, must be unique within the canary	`string`
`healthy`	Fail the check if any resources are unhealthy	`boolean`
`ignore`	Ignore the specified resources from the fetched resources. Can be a glob pattern.	[]glob
`namespace`	Failing checks will be placed in this namespace, useful if you have shared namespaces
`namespaceSelector`	Namespace of the Kubernetes object	ResourceSelector
`ready`	Fail the check if any resources are not ready	`boolean`
`resource`	Queries resources related to specified Kubernetes object	ResourceSelector
`description`	Description for the check	`string`
`display`	Expression to change the formatting of the display	`Expression`
`icon`	Icon for overwriting default icon on the dashboard	Icon
`labels`	Labels for check	map[string]string
`metrics`	Metrics to export from	`[]Metrics`
`test`	Evaluate whether a check is healthy	`Expression`
`transform`	Transform data from a check into multiple individual checks	`Expression`
`kubeconfig`	Path to a kubeconfig on disk, or a reference to an existing secret	EnvVar

Healthy

Using healthy: true is functionally equivalent to the test expression above:

apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
  name: kube-system-checks
spec:
  interval: 30
  kubernetes:
    - namespace: kube-system
      name: kube-system
      kind: Pod
      healthy: true
      resource:
        labelSelector: k8s-app=kube-dns
      namespaceSelector:
        name: kube-system
      display:
        expr: |
          dyn(results).
          map(i, i.Object).
          filter(i, !k8s.isHealthy(i)).
          map(i, "%s/%s -> %s".format([i.metadata.namespace, i.metadata.name, k8s.getHealth(i).message])).join('\n')

See the CEL Kubernetes docs for more details on the k8s.isHealthy and other functions available

Ready

Similar to the healthy flag, there's also a ready flag which is functionally equivalent to having the following test expression

dyn(results).all(x, k8s.isReady(x))

Checking for certificate readiness

junit.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
  name: cert-manager
spec:
  schedule: "@every 15m"
  kubernetes:
    - name: cert-manager-check
      kind: Certificate
      test:
        expr: |
          dyn(results).
          map(i, i.Object).
          filter(i, i.status.conditions[0].status != "True").size() == 0
      display:
        expr: |
          dyn(results).
          map(i, i.Object).
          filter(i, i.status.conditions[0].status != "True").
          map(i, "%s/%s -> %s".format([i.metadata.namespace, i.metadata.name, i.status.conditions[0].message])).join('\n')

Kubernetes

Healthy​

Ready​

Healthy

Ready