kubectl-explorer
kubectl-explorer copied to clipboard
Pscheidl
Detects orphan configmaps and secrets in a Kubernetes cluster
KubExplorer
Warning: Proof of concept. Feedback is much welcome.
Discovers and prints out any Configmaps and Secrets not linked to any of the following resources:
- Deployments,
- ReplicaSets,
- StatefulSets,
- DaemonSets,
- Jobs,
- CronJobs,
- ReplicationControllers,
- Pods,
- Ingresses,
- ServiceAccounts.
Running
Pre-compiled x86_64-unknown-linux-gnu binaries are available. For other platforms, compilation is an easy, but necessary step.
- Install Rust
- Simply invoke
cargo run -- -h(add the--releaseflag for optimal performance) to obtain instructions.
> cargo run -- -h
KubEx - Kubernetes Explorer 0.1.0
Pavel Pscheidl <[email protected]>
Discovers unused ConfigMaps and Secrets
USAGE:
kubex [OPTIONS]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
-k, --kubeconfig <PATH_TO_KUBECONFIG> Path to a KUBECONFIG file. When not set, env is used.
-n, --namespace <NAMESPACE> Namespace to search in.
-o, --output <OUTPUT> Output format. YAML by default. [default: yaml] [possible values: yaml,
json]
E.g. cargo run --release -- -k /etc/rancher/k3s/k3s.yaml -n default -o json to explicitly specify the KUBECONFIG and the namespace.
If KUBECONFIG is not specified, the KUBECONFIG env variable is looked for. When not found, an error is thrown.
If namespace is not defined, the default namespace from KUBECONFIG is used.
Testing
Run tests using cargo test. Tests require:
- Running Kubernetes cluster with supported API version
1_19, KUBECONFIGenvironment variable set.
An easy way to obtain a Kubernetes cluster is k3s.io - curl -sfL https://get.k3s.io | sh -. After
installation, export KUBECONFIG=/etc/rancher/k3s/k3s.yaml and make sure to chown or chmod the $KUBECONFIG file
for current user to be able to read it.
Pscheidl