clowdhaus
Report on deprecated API usage
Use case
Detecting and reporting on deprecated/removed Kubernetes API versions is one of the largest concerns of upgrading Kubernetes clusters. While users may be aware of what APIs are deprecated or removed, identifying if any of those APIs are in use in the cluster is a much more challenging task.
Solution/User Experience
Use the apiserve_requested_deprecated_apis metric to detect usage of deprecated APIs
- https://kubernetes.io/blog/2020/09/03/warnings/
- https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1693-warnings
- https://github.com/kube-rs/kube/issues/492 for implementation
Alternative solutions
- For now,
plutoorkubentare recommended to check for deprecated APIs- Add section on how those tools work, what to watch out for (asking the API Server is not trustworthy, scanning manifests directly is the most accurate)
- https://github.com/clowdhaus/r8s#r8s
In addition to the tools listed above, and the apiserve_requested_deprecated_apis metric, eksup should provide the ability to identify API calls made using a deprecated/removed API from the API server logs stored in CloudWatch
The results then would be composed of 3 parts
- Results from the last applied config
- Results from
apiserve_requested_deprecated_apismetrics - Results from API server cloudwatch logs (will have to determine how far back to search - 30 days, 60 days, configurable?)