kor icon indicating copy to clipboard operation
kor copied to clipboard

Published 20 hours ago verified publisher icon yonahd

Find Empty namespaces

Open yonahd opened this issue 1 year ago • 12 comments

Find namespaces with no resources

yonahd avatar Sep 27 '23 19:09 yonahd

hey @yonahd I would like to work on that, please. Is it fair to say that we call a namespace empty if there are not resources in there at all? is that correct?

liornoy avatar Oct 12 '23 11:10 liornoy

Yes. It should be with no resources except for the default service account

yonahd avatar Oct 12 '23 12:10 yonahd

Thanks, I already started working on this, and on my Kind cluster there is an auto-generated "kube-root-ca.crt' configmap that we might also want to add as an exception. wdyt?

liornoy avatar Oct 12 '23 12:10 liornoy

I see we even have a exceptionconfigmaps var for it

liornoy avatar Oct 12 '23 12:10 liornoy

Thanks, I already started working on this, and on my Kind cluster there is an auto-generated "kube-root-ca.crt' configmap that we might also want to add as an exception. wdyt?

Yes. This is default as well

yonahd avatar Oct 12 '23 13:10 yonahd

Hi @yonahd, I'd like to address this issue. Are the default resources, such as the service account and kube-root-ca.crt configmap, consistent across Kubernetes distributions? If so, can we determine whether a namespace is unused by checking for the presence of these default resources, and concluding that it is unused if there are no additional resources in that namespace?

roopeshsn avatar Dec 16 '23 15:12 roopeshsn

Hi @yonahd, I'd like to address this issue. Are the default resources, such as the service account and kube-root-ca.crt configmap, consistent across Kubernetes distributions? If so, can we determine whether a namespace is unused by checking for the presence of these default resources, and concluding that it is unused if there are no additional resources in that namespace?

This is consistent. We want to take an approach similar to https://github.com/corneliusweig/ketall/tree/master

yonahd avatar Dec 16 '23 16:12 yonahd

I took time to view the implementation of Ketall. It constructs a slice of resource names with the API resources ([configmaps endpoints pods ...]). It creates a new resource builder from the kubernetes/cli-runtime package, passes the slice, and calls the methods Do().Object() which prints the resources from all the namespaces or from a specific namespace when the --namespace=<namespace> flag is passed.

Do you want me to see the logic of Do().Object() @yonahd?

roopeshsn avatar Dec 19 '23 07:12 roopeshsn

The thing I am confused about is that though we find all the resource types, create a builder from cli-runtime, and pass the resource types it will return an object with all the namespaced and default resources in a namespace. How it will be useful to find an unused namespace?

roopeshsn avatar Dec 19 '23 07:12 roopeshsn

@roopeshsn We don't find all resources. We don't even interact with all of them. The user can know which namespace he can consider empty(and avoid thinking its used by the default resources) and delete it. Not sure I completely understand the question

yonahd avatar Dec 26 '23 20:12 yonahd

@roopeshsn We don't find all resources. We don't even interact with all of them. The user can know which namespace he can consider empty(and avoid thinking its used by the default resources) and delete it. Not sure I completely understand the question

Exactly! Ketall finds the namespace resources using the cli-runtime package. How does that implementation help to find an unused namespace? However, we need to check and conclude a namespace is empty if it contains only default resources. @yonahd

roopeshsn avatar Dec 28 '23 05:12 roopeshsn

The above PR is still WIP - lacks parallel namespace processing and unit tests

isindir avatar Apr 28 '24 11:04 isindir