diff --git a/README.md b/README.md index fcfbd0aa..b3b9212d 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ KubeEye is a cloud-native cluster inspection tool specifically designed for Kube Download the installation package from [Releases](https://github.com/kubesphere/kubeeye/releases), which includes Helm chart, demo rules, and images for offline installation. ```shell -VERSION=v1.0.0 +VERSION=v1.0.3 wget https://github.com/kubesphere/kubeeye/releases/download/${VERSION}/kubeeye-offline-${VERSION}.tar.gz @@ -35,12 +35,12 @@ helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespac #### Import Inspect Rules -> The `rule` directory in the installation package provides demo rules, which can be customized according to specific needs. +> The `rules` directory in the installation package provides demo rules, which can be customized according to specific needs. -> Notice: Prometheus rules need to have the endpoint of Prometheus set in advance. +> Notice: PromQL rules need to have the endpoint of Prometheus set in advance. ```shell -kubectl apply -f rule +kubectl apply -f rules ``` #### Create Inspect Plan @@ -55,7 +55,7 @@ metadata: spec: # The planned time for executing inspections only supports cron expressions. For example, '*/30 * * * ?' means that the inspection will be performed every 30 minutes.' # If only a single inspection is required, then remove this parameter. - schedule: "*/30 * * * ?" + schedule: "* */12 * * ?" # The maximum number of retained inspection results, if not filled in, will retain all. maxTasks: 10 # Should the inspection plan be paused, applicable only to periodic inspections, true or false (default is false). @@ -65,15 +65,15 @@ spec: # Inspection rule list, used to associate corresponding inspection rules, please fill in the inspectRule name. # Execute `kubectl get inspectrule` to view the inspection rules in the cluster. ruleNames: - - name: inspect-rule-filter-file - - name: inspect-rule-node-info - - name: inspect-rule-node - - name: inspect-rule-sbnormalpodstatus - - name: inspect-rule-deployment - - name: inspect-rule-sysctl - - name: inspect-rule-prometheus - - name: inspect-rule-filechange - - name: inspect-rule-systemd + - name: configmap-inspect-rules + - name: cronjob-inspect-rules + - name: daemonset-inspect-rules + - name: deployment-inspect-rules + - name: event-inspect-rules + - name: job-inspect-rules + - name: node-inspect-rules + - name: pod-inspect-rules + - name: pod-state-inspect-rules # nodeName: master # nodeSelector: # node-role.kubernetes.io/master: "" @@ -118,4 +118,4 @@ http://<node address>:<node port>/kapis/kubeeye.kubesphere.io/v1alpha2/inspectre * Systemd Service Status * Node Basic Info * File Content Inspection -* Service Connectivity \ No newline at end of file +* Service Connectivity diff --git a/README_zh.md b/README_zh.md index 97c14392..6460fd49 100644 --- a/README_zh.md +++ b/README_zh.md @@ -17,7 +17,7 @@ KubeEye 是为 Kubernetes 设计的云原生集群巡检工具,用于根据自 可从 [Releases](https://github.com/kubesphere/kubeeye/releases) 中下载安装包(其中包含helm chart,demo rules 以及 供离线环境部署的镜像) ```shell -VERSION=v1.0.0 +VERSION=v1.0.3 wget https://github.com/kubesphere/kubeeye/releases/download/${VERSION}/kubeeye-offline-${VERSION}.tar.gz @@ -35,12 +35,12 @@ helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespac #### 导入规则 -> 安装包中的rule目录下提供了demo规则,可根据需求自定义规则。 +> 安装包中的 rules 目录下提供了 demo 规则,可根据需求自定义规则。 -> 注意 prometheus 规则需提前为规则设置prometheus的endpoint。 +> 注意 promql 规则需提前为规则设置 prometheus 的 endpoint。 ```shell -kubectl apply -f rule +kubectl apply -f rules ``` #### 创建巡检计划 @@ -55,7 +55,7 @@ metadata: spec: # 需要执行检查的计划时间,仅支持cron表达式,例:"*/30 * * * ?"表示每30分钟执行一次巡检。 # 如果仅需单次巡检,则将该参数移除。 - schedule: "*/30 * * * ?" + schedule: "* */12 * * ?" # 巡检结果最大保留数量,不填写则是保留全部 maxTasks: 10 # 是否暂停巡检计划, 仅作用于周期巡检,true 或 flase (默认false) @@ -65,15 +65,15 @@ spec: # 巡检规则列表,用于关联对应的巡检规则,填写 inspectRule 名称 # 可通过 kubectl get inspectrule 查看集群中巡检规则 ruleNames: - - name: inspect-rule-filter-file - - name: inspect-rule-node-info - - name: inspect-rule-node - - name: inspect-rule-sbnormalpodstatus - - name: inspect-rule-deployment - - name: inspect-rule-sysctl - - name: inspect-rule-prometheus - - name: inspect-rule-filechange - - name: inspect-rule-systemd + - name: configmap-inspect-rules + - name: cronjob-inspect-rules + - name: daemonset-inspect-rules + - name: deployment-inspect-rules + - name: event-inspect-rules + - name: job-inspect-rules + - name: node-inspect-rules + - name: pod-inspect-rules + - name: pod-state-inspect-rules # nodeName: master # nodeSelector: # node-role.kubernetes.io/master: "" @@ -119,4 +119,4 @@ http://<node address>:<node port>/kapis/kubeeye.kubesphere.io/v1alpha2/inspectre * Systemd 服务状态规则 * 节点基本信息规则 * 文件内容检查规则 -* 服务连通性检查规则 \ No newline at end of file +* 服务连通性检查规则 diff --git a/pkg/controllers/inspectplan_controller.go b/pkg/controllers/inspectplan_controller.go index 37214aa4..f0ba7b26 100644 --- a/pkg/controllers/inspectplan_controller.go +++ b/pkg/controllers/inspectplan_controller.go @@ -177,20 +177,31 @@ func (r *InspectPlanReconciler) Reconcile(ctx context.Context, req ctrl.Request) now := time.Now() scheduledTime := nextScheduledTimeDuration(schedule, plan.Status.LastScheduleTime) if plan.Status.LastScheduleTime == nil || plan.Status.LastScheduleTime.Add(*scheduledTime).Before(now) { + oldPlan := plan.DeepCopy() + taskName, err := r.createInspectTask(plan, ctx) if err != nil { klog.Error("failed to create InspectTask.", err) return ctrl.Result{}, err } - plan.Status.NextScheduleTime = &metav1.Time{Time: schedule.Next(now)} + plan.Status.TaskNames = append(plan.Status.TaskNames, kubeeyev1alpha2.TaskNames{ + Name: taskName, + TaskStatus: kubeeyev1alpha2.PhasePending, + }) r.cleanTask(ctx, plan) - r.Status().Patch(ctx, plan, client.MergeFrom(plan)) - if err = r.updateStatus(ctx, plan, now, taskName); err != nil { + plan.Status.NextScheduleTime = &metav1.Time{Time: schedule.Next(now)} + plan.Status.LastScheduleTime = &metav1.Time{Time: now} + plan.Status.LastTaskName = taskName + plan.Status.LastTaskStatus = kubeeyev1alpha2.PhasePending + + if err := r.Status().Patch(ctx, plan, client.MergeFrom(oldPlan)); err != nil { + klog.Error("failed to patch inspect plan status: ", err) return ctrl.Result{}, err } + return ctrl.Result{RequeueAfter: 3 * time.Second}, nil } else { nextScheduledTime := nextScheduledTimeDuration(schedule, &metav1.Time{Time: now}) @@ -291,7 +302,6 @@ func (r *InspectPlanReconciler) cleanTask(ctx context.Context, plan *kubeeyev1al } plan.Status.TaskNames = ConvertTaskStatus(tasks[len(tasks)-plan.Spec.MaxTasks:]) } - } } func (r *InspectPlanReconciler) updateStatus(ctx context.Context, plan *kubeeyev1alpha2.InspectPlan, now time.Time, taskName string) error { @@ -353,7 +363,7 @@ func (r *InspectPlanReconciler) updateAddRuleReferNum(ctx context.Context, ruleN for _, v := range ruleNames { rule, err := r.KubeEyeFactory.V1alpha2().InspectRules().Lister().Get(v.Name) if err != nil { - klog.Error(err, "Failed to get inspectRules") + klog.Error(err, " Failed to get inspectRules") continue } rule.Labels = utils.MergeMap(rule.Labels, map[string]string{fmt.Sprintf("%s/%s", "kubeeye.kubesphere.io", plan.Name): plan.Name}) @@ -386,7 +396,7 @@ func (r *InspectPlanReconciler) updateSubRuleReferNum(ctx context.Context, ruleN for _, v := range ruleNames { rule, err := r.KubeEyeFactory.V1alpha2().InspectRules().Lister().Get(v.Name) if err != nil { - klog.Error(err, "Failed to get inspectRules") + klog.Error(err, " Failed to get inspectRules") continue } delete(rule.Labels, fmt.Sprintf("%s/%s", "kubeeye.kubesphere.io", plan.Name)) diff --git a/sample/rules/kubeeye_filechange_inspect.yaml b/sample/rules/kubeeye_filechange_inspect.yaml index 7ed9371b..d485bf15 100644 --- a/sample/rules/kubeeye_filechange_inspect.yaml +++ b/sample/rules/kubeeye_filechange_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: inspect-rule-filechange + name: filechange-inspect-rules spec: fileChange: - name: kubelet-config diff --git a/sample/rules/kubeeye_filterrule_inspect.yaml b/sample/rules/kubeeye_filterrule_inspect.yaml index fc3d089f..fff3835a 100644 --- a/sample/rules/kubeeye_filterrule_inspect.yaml +++ b/sample/rules/kubeeye_filterrule_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: inspect-rule-filter-file + name: filter-file-inspect-rules spec: fileFilter: - name: systemLog diff --git a/sample/rules/kubeeye_nodeInfo_inspect.yaml b/sample/rules/kubeeye_nodeInfo_inspect.yaml index f1122f12..7a7b09b7 100644 --- a/sample/rules/kubeeye_nodeInfo_inspect.yaml +++ b/sample/rules/kubeeye_nodeInfo_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: inspect-rule-node-info + name: node-info-inspect-rules spec: nodeInfo: - name: Cpu diff --git a/sample/rules/kubeeye_promql_inspect.yaml b/sample/rules/kubeeye_promql_inspect.yaml index d932cebf..67022096 100644 --- a/sample/rules/kubeeye_promql_inspect.yaml +++ b/sample/rules/kubeeye_promql_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: inspect-rule-prometheus + name: promql-inspect-rules spec: prometheusEndpoint: http://prometheus-k8s.kubesphere-monitoring-system.svc.cluster.local:9090 prometheus: diff --git a/sample/rules/kubeeye_services_connect_inspect.yaml b/sample/rules/kubeeye_services_connect_inspect.yaml index 5b73d800..1ff0a853 100644 --- a/sample/rules/kubeeye_services_connect_inspect.yaml +++ b/sample/rules/kubeeye_services_connect_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: services-connect + name: services-connect-inspect-rules spec: serviceConnect: - workspace: system-workspace diff --git a/sample/rules/kubeeye_sysctlrule_inspect.yaml b/sample/rules/kubeeye_sysctlrule_inspect.yaml index 8e2f0dca..dfb32e15 100644 --- a/sample/rules/kubeeye_sysctlrule_inspect.yaml +++ b/sample/rules/kubeeye_sysctlrule_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: inspect-rule-sysctl + name: sysctl-inspect-rules spec: sysctl: - name: net.ipv4.ip_forward diff --git a/sample/rules/kubeeye_systemd_inspect.yaml b/sample/rules/kubeeye_systemd_inspect.yaml index be746646..38ed290d 100644 --- a/sample/rules/kubeeye_systemd_inspect.yaml +++ b/sample/rules/kubeeye_systemd_inspect.yaml @@ -3,7 +3,7 @@ apiVersion: kubeeye.kubesphere.io/v1alpha2 kind: InspectRule metadata: - name: inspect-rule-systemd + name: systemd-inspect-rules spec: systemd: - name: docker