Easily check your cluster for use of deprecated APIs
Kubernetes 1.16 is slowly starting to roll out, not only across various managed Kubernetes offerings, and with that come a lot of API deprecations1.
Kube No Trouble (kubent) is a simple tool to check whether you're using any
of these API versions in your cluster and therefore should upgrade your
workloads first, before upgrading your Kubernetes cluster.
This tool will be able to detect deprecated APIs depending on how you deploy your resources, as we need the original manifest to be stored somewhere. In particular following tools are supported:
- file - local manifests in YAML or JSON
- kubectl - uses the
kubectl.kubernetes.io/last-applied-configurationannotation - Helm v2 - uses Tiller manifests stored in K8s Secrets or ConfigMaps
- Helm v3 - uses Helm manifests stored as Secrets or ConfigMaps directly in individual namespaces
Additional resources:
- Blog post on K8s deprecated APIs and introduction of kubent: Kubernetes: How to automatically detect and deal with deprecated APIs
Run sh -c "$(curl -sSL https://git.io/install-kubent)".
(The script will download latest version and unpack to /usr/local/bin).
Or download the latest release for your platform and unpack manually.
Configure Kubectl's current context to point to your cluster, kubent will
look for the kube .config file in standard locations (you can point it to custom
location using the -k switch).
kubent will collect resources from your cluster and report on found issuses.
Please note that you need to have sufficient permissions to read Secrets in the
cluster in order to use Helm* collectors.
$./kubent
6:25PM INF >>> Kube No Trouble `kubent` <<<
6:25PM INF Initializing collectors and retrieving data
6:25PM INF Retrieved 103 resources from collector name=Cluster
6:25PM INF Retrieved 132 resources from collector name="Helm v2"
6:25PM INF Retrieved 0 resources from collector name="Helm v3"
6:25PM INF Loaded ruleset name=deprecated-1-16.rego
6:25PM INF Loaded ruleset name=deprecated-1-20.rego
__________________________________________________________________________________________
>>> 1.16 Deprecated APIs <<<
------------------------------------------------------------------------------------------
KIND NAMESPACE NAME API_VERSION
Deployment default nginx-deployment-old apps/v1beta1
Deployment kube-system event-exporter-v0.2.5 apps/v1beta1
Deployment kube-system k8s-snapshots extensions/v1beta1
Deployment kube-system kube-dns extensions/v1beta1
__________________________________________________________________________________________
>>> 1.20 Deprecated APIs <<<
------------------------------------------------------------------------------------------
KIND NAMESPACE NAME API_VERSION
Ingress default test-ingress extensions/v1beta1You can list all the configuration options available using --help switch:
$./kubent -h
Usage of ./kubent:
-c, --cluster enable Cluster collector (default true)
-d, --debug enable debug logging
-f, --filename strings manifests to check
--helm2 enable Helm v2 collector (default true)
--helm3 enable Helm v3 collector (default true)
-k, --kubeconfig string path to the kubeconfig file (default "/Users/stepan/.kube/config")
-o, --output string output format - [text|json] (default "text")The simplest way to build kubent is:
# Clone the repository
git clone https://github.com/doitintl/kube-no-trouble.git
cd kube-no-trouble/
# We require statik for generating static embedded files
go get github.com/rakyll/statik
# Generate
go generate
# Build
go build -o bin/kubent cmd/kubent/main.goOtherwise there's Makefile
$ make
make
all Cean, build and pack
help Prints list of tasks
build Build binary
generate Go generate
pack Pack binaries with upx
release-artifacts Create release artifacts
clean Clean build artifactsPlease open any issues and/or PRs against github.com/doitintl/kube-no-trouble repository.
Feedback and contributions are always welcome!
Some future features ideas:
- Advice on correct replacement API version ?
- Output - pdf/html?
- Tests
- Lint