kube-capacity icon indicating copy to clipboard operation
kube-capacity copied to clipboard

Published 20 hours ago verified publisher icon robscott

Feature Request: Add Option to Exclude Nodes and Avoid Node List API Call

Open M-JavadHeydarpour opened this issue 1 year ago • 1 comments

Problem Statement:

When using kubectl resource-capacity in an environment with namespace-scoped permissions, the command attempts to list nodes by calling the Kubernetes API (v1 list nodes). This causes issues for users who do not have permissions to access node resources, resulting in errors or incomplete outputs.

Example command:

kubectl resource-capacity --sort cpu.request --util --pods --sort cpu.request --pod-count --output table --namespace nginx
NODE         POD                                                         CPU REQUESTS   CPU LIMITS   CPU UTIL   MEMORY REQUESTS   MEMORY LIMITS   MEMORY UTIL   POD COUNT
*            *                                                           100m (0%)      200m (0%)    0m (0%)    256Mi (0%)        512Mi (0%)      0Mi (0%)      1/220
                                                                                                                                                                
eu-kube-w1   *                                                           100m (2%)      200m (5%)    2m (0%)    256Mi (1%)        512Mi (3%)      110Mi (0%)    1/110
eu-kube-w1   nginx-nginx-deployment-sample-deployment-55b768d7fd-2nk9l   100m (2%)      200m (5%)    2m (0%)    256Mi (1%)        512Mi (3%)      110Mi (0%)    
                                                                                                                                                                
eu-kube-m1   *                                                           0m (0%)        0m (0%)      0m (0%)    0Mi (0%)          0Mi (0%)        0Mi (0%)      0/110

In environments without node access, the command fails or cannot display the node-related information.

Feature Request:

  • Add an option to exclude node information from the output.
  • Prevent the command from making API calls to list nodes when this option is enabled.

This would allow users with namespace-scoped permissions to use kubectl resource-capacity without encountering permission errors.

Proposed Solution:

Introduce a flag (e.g., --exclude-nodes or --namespace-scope) that:

  • Omits node information from the output.
  • Skips any API calls that attempt to list or describe nodes.
  • Focuses solely on the resources within the specified namespace(s).

Benefits:

  • Enhances usability for users with limited permissions.
  • Aligns with Kubernetes' RBAC practices by respecting the user's scope.
  • Increases the tool's flexibility in various operational environments.

Additional Context:

Users operating in restricted environments (e.g., developers in a multi-tenant cluster) often have permissions only within certain namespaces. By avoiding unnecessary API calls that require cluster-wide permissions, the tool becomes more accessible and useful to a broader audience.

M-JavadHeydarpour avatar Oct 01 '24 08:10 M-JavadHeydarpour

+1 - I would love to see only --pods without nodes, especially when sorting by utilization or resource requests. My task in this context is to find "large pods" for right-sizing.

rofreytag avatar Apr 25 '25 21:04 rofreytag

+1 I would love this as well, im trying to use this tool clean up app's cpu requests "kube-capacity --pods --sort cpu.request" In a cluster with 6-9 worker nodes, the output listing with a list for each node makes its hard to read through for a top10 cpu request (basicly a built in option for "kube-capacity --pods --sort cpu.request | sort -n -r -k4")

SeraNoxa avatar Nov 12 '25 08:11 SeraNoxa