Skip to content

Commit

Permalink
refine inspectplan controller
Browse files Browse the repository at this point in the history
Signed-off-by: pixiake <[email protected]>
  • Loading branch information
pixiake committed Dec 18, 2024
1 parent b42b7c4 commit 0cc9141
Show file tree
Hide file tree
Showing 10 changed files with 53 additions and 43 deletions.
30 changes: 15 additions & 15 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ KubeEye is a cloud-native cluster inspection tool specifically designed for Kube
Download the installation package from [Releases](https://github.com/kubesphere/kubeeye/releases), which includes Helm chart, demo rules, and images for offline installation.

```shell
VERSION=v1.0.0
VERSION=v1.0.3

wget https://github.com/kubesphere/kubeeye/releases/download/${VERSION}/kubeeye-offline-${VERSION}.tar.gz

Expand All @@ -35,12 +35,12 @@ helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespac

#### Import Inspect Rules

> The `rule` directory in the installation package provides demo rules, which can be customized according to specific needs.
> The `rules` directory in the installation package provides demo rules, which can be customized according to specific needs.
> Notice: Prometheus rules need to have the endpoint of Prometheus set in advance.
> Notice: PromQL rules need to have the endpoint of Prometheus set in advance.
```shell
kubectl apply -f rule
kubectl apply -f rules
```

#### Create Inspect Plan
Expand All @@ -55,7 +55,7 @@ metadata:
spec:
# The planned time for executing inspections only supports cron expressions. For example, '*/30 * * * ?' means that the inspection will be performed every 30 minutes.'
# If only a single inspection is required, then remove this parameter.
schedule: "*/30 * * * ?"
schedule: "* */12 * * ?"
# The maximum number of retained inspection results, if not filled in, will retain all.
maxTasks: 10
# Should the inspection plan be paused, applicable only to periodic inspections, true or false (default is false).
Expand All @@ -65,15 +65,15 @@ spec:
# Inspection rule list, used to associate corresponding inspection rules, please fill in the inspectRule name.
# Execute `kubectl get inspectrule` to view the inspection rules in the cluster.
ruleNames:
- name: inspect-rule-filter-file
- name: inspect-rule-node-info
- name: inspect-rule-node
- name: inspect-rule-sbnormalpodstatus
- name: inspect-rule-deployment
- name: inspect-rule-sysctl
- name: inspect-rule-prometheus
- name: inspect-rule-filechange
- name: inspect-rule-systemd
- name: configmap-inspect-rules
- name: cronjob-inspect-rules
- name: daemonset-inspect-rules
- name: deployment-inspect-rules
- name: event-inspect-rules
- name: job-inspect-rules
- name: node-inspect-rules
- name: pod-inspect-rules
- name: pod-state-inspect-rules
# nodeName: master
# nodeSelector:
# node-role.kubernetes.io/master: ""
Expand Down Expand Up @@ -118,4 +118,4 @@ http://<node address>:<node port>/kapis/kubeeye.kubesphere.io/v1alpha2/inspectre
* Systemd Service Status
* Node Basic Info
* File Content Inspection
* Service Connectivity
* Service Connectivity
30 changes: 15 additions & 15 deletions README_zh.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ KubeEye 是为 Kubernetes 设计的云原生集群巡检工具,用于根据自
可从 [Releases](https://github.com/kubesphere/kubeeye/releases) 中下载安装包(其中包含helm chart,demo rules 以及 供离线环境部署的镜像)

```shell
VERSION=v1.0.0
VERSION=v1.0.3

wget https://github.com/kubesphere/kubeeye/releases/download/${VERSION}/kubeeye-offline-${VERSION}.tar.gz

Expand All @@ -35,12 +35,12 @@ helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespac

#### 导入规则

> 安装包中的rule目录下提供了demo规则,可根据需求自定义规则。
> 安装包中的 rules 目录下提供了 demo 规则,可根据需求自定义规则。
> 注意 prometheus 规则需提前为规则设置prometheus的endpoint
> 注意 promql 规则需提前为规则设置 prometheus 的 endpoint
```shell
kubectl apply -f rule
kubectl apply -f rules
```

#### 创建巡检计划
Expand All @@ -55,7 +55,7 @@ metadata:
spec:
# 需要执行检查的计划时间,仅支持cron表达式,例:"*/30 * * * ?"表示每30分钟执行一次巡检。
# 如果仅需单次巡检,则将该参数移除。
schedule: "*/30 * * * ?"
schedule: "* */12 * * ?"
# 巡检结果最大保留数量,不填写则是保留全部
maxTasks: 10
# 是否暂停巡检计划, 仅作用于周期巡检,true 或 flase (默认false)
Expand All @@ -65,15 +65,15 @@ spec:
# 巡检规则列表,用于关联对应的巡检规则,填写 inspectRule 名称
# 可通过 kubectl get inspectrule 查看集群中巡检规则
ruleNames:
- name: inspect-rule-filter-file
- name: inspect-rule-node-info
- name: inspect-rule-node
- name: inspect-rule-sbnormalpodstatus
- name: inspect-rule-deployment
- name: inspect-rule-sysctl
- name: inspect-rule-prometheus
- name: inspect-rule-filechange
- name: inspect-rule-systemd
- name: configmap-inspect-rules
- name: cronjob-inspect-rules
- name: daemonset-inspect-rules
- name: deployment-inspect-rules
- name: event-inspect-rules
- name: job-inspect-rules
- name: node-inspect-rules
- name: pod-inspect-rules
- name: pod-state-inspect-rules
# nodeName: master
# nodeSelector:
# node-role.kubernetes.io/master: ""
Expand Down Expand Up @@ -119,4 +119,4 @@ http://<node address>:<node port>/kapis/kubeeye.kubesphere.io/v1alpha2/inspectre
* Systemd 服务状态规则
* 节点基本信息规则
* 文件内容检查规则
* 服务连通性检查规则
* 服务连通性检查规则
22 changes: 16 additions & 6 deletions pkg/controllers/inspectplan_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -177,20 +177,31 @@ func (r *InspectPlanReconciler) Reconcile(ctx context.Context, req ctrl.Request)
now := time.Now()
scheduledTime := nextScheduledTimeDuration(schedule, plan.Status.LastScheduleTime)
if plan.Status.LastScheduleTime == nil || plan.Status.LastScheduleTime.Add(*scheduledTime).Before(now) {
oldPlan := plan.DeepCopy()

taskName, err := r.createInspectTask(plan, ctx)
if err != nil {
klog.Error("failed to create InspectTask.", err)
return ctrl.Result{}, err
}

plan.Status.NextScheduleTime = &metav1.Time{Time: schedule.Next(now)}
plan.Status.TaskNames = append(plan.Status.TaskNames, kubeeyev1alpha2.TaskNames{
Name: taskName,
TaskStatus: kubeeyev1alpha2.PhasePending,
})

r.cleanTask(ctx, plan)

r.Status().Patch(ctx, plan, client.MergeFrom(plan))
if err = r.updateStatus(ctx, plan, now, taskName); err != nil {
plan.Status.NextScheduleTime = &metav1.Time{Time: schedule.Next(now)}
plan.Status.LastScheduleTime = &metav1.Time{Time: now}
plan.Status.LastTaskName = taskName
plan.Status.LastTaskStatus = kubeeyev1alpha2.PhasePending

if err := r.Status().Patch(ctx, plan, client.MergeFrom(oldPlan)); err != nil {
klog.Error("failed to patch inspect plan status: ", err)
return ctrl.Result{}, err
}

return ctrl.Result{RequeueAfter: 3 * time.Second}, nil
} else {
nextScheduledTime := nextScheduledTimeDuration(schedule, &metav1.Time{Time: now})
Expand Down Expand Up @@ -291,7 +302,6 @@ func (r *InspectPlanReconciler) cleanTask(ctx context.Context, plan *kubeeyev1al
}
plan.Status.TaskNames = ConvertTaskStatus(tasks[len(tasks)-plan.Spec.MaxTasks:])
}

}
}
func (r *InspectPlanReconciler) updateStatus(ctx context.Context, plan *kubeeyev1alpha2.InspectPlan, now time.Time, taskName string) error {
Expand Down Expand Up @@ -353,7 +363,7 @@ func (r *InspectPlanReconciler) updateAddRuleReferNum(ctx context.Context, ruleN
for _, v := range ruleNames {
rule, err := r.KubeEyeFactory.V1alpha2().InspectRules().Lister().Get(v.Name)
if err != nil {
klog.Error(err, "Failed to get inspectRules")
klog.Error(err, " Failed to get inspectRules")
continue
}
rule.Labels = utils.MergeMap(rule.Labels, map[string]string{fmt.Sprintf("%s/%s", "kubeeye.kubesphere.io", plan.Name): plan.Name})
Expand Down Expand Up @@ -386,7 +396,7 @@ func (r *InspectPlanReconciler) updateSubRuleReferNum(ctx context.Context, ruleN
for _, v := range ruleNames {
rule, err := r.KubeEyeFactory.V1alpha2().InspectRules().Lister().Get(v.Name)
if err != nil {
klog.Error(err, "Failed to get inspectRules")
klog.Error(err, " Failed to get inspectRules")
continue
}
delete(rule.Labels, fmt.Sprintf("%s/%s", "kubeeye.kubesphere.io", plan.Name))
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_filechange_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: inspect-rule-filechange
name: filechange-inspect-rules
spec:
fileChange:
- name: kubelet-config
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_filterrule_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: inspect-rule-filter-file
name: filter-file-inspect-rules
spec:
fileFilter:
- name: systemLog
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_nodeInfo_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: inspect-rule-node-info
name: node-info-inspect-rules
spec:
nodeInfo:
- name: Cpu
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_promql_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: inspect-rule-prometheus
name: promql-inspect-rules
spec:
prometheusEndpoint: http://prometheus-k8s.kubesphere-monitoring-system.svc.cluster.local:9090
prometheus:
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_services_connect_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: services-connect
name: services-connect-inspect-rules
spec:
serviceConnect:
- workspace: system-workspace
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_sysctlrule_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: inspect-rule-sysctl
name: sysctl-inspect-rules
spec:
sysctl:
- name: net.ipv4.ip_forward
Expand Down
2 changes: 1 addition & 1 deletion sample/rules/kubeeye_systemd_inspect.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectRule
metadata:
name: inspect-rule-systemd
name: systemd-inspect-rules
spec:
systemd:
- name: docker
Expand Down

0 comments on commit 0cc9141

Please sign in to comment.