From 70cc29add56419ca0a5e4d33b24979c7f60e5085 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 11:52:08 -0400 Subject: [PATCH] Codebundle index update. (#233) Co-authored-by: stewartshea@users.noreply.github.com --- README.md | 5 +- SUMMARY.md | 39 ++-- .../k8s-ingress-gce-healthcheck/meta.yaml | 207 ++++++++++++++++++ codebundles/k8s-podresources-health/meta.yaml | 4 +- libraries/.docs/CLI.md | 15 +- 5 files changed, 240 insertions(+), 30 deletions(-) create mode 100644 codebundles/k8s-ingress-gce-healthcheck/meta.yaml diff --git a/README.md b/README.md index e9652228..4d36da29 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ -Troubleshooting Tasks in Codecollection: **103** -Codebundles in Codecollection: **36** +Troubleshooting Tasks in Codecollection: **108** +Codebundles in Codecollection: **37** ![](docs/GitHub_Banner.jpg) @@ -64,6 +64,7 @@ Run the codebundle | [Kubernetes FluxCD HelmRelease TaskSet](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-fluxcd-helm-health/runbook.robot) | `Kubernetes`, `AKS`, `EKS`, `GKE`, `OpenShift`, `FluxCD` | `List all available FluxCD Helmreleases`, `Fetch Installed FluxCD Helmrelease Versions`, `Fetch Mismatched FluxCD HelmRelease Version`, `Fetch FluxCD HelmRelease Error Messages`, `Check for Available Helm Chart Updates` | This codebundle runs a series of tasks to identify potential helm release issues related to Flux managed Helm objects. [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-fluxcd-helm-health) | | [Kubernetes FluxCD Kustomization TaskSet](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-fluxcd-kustomization-health/runbook.robot) | `Kubernetes`, `AKS`, `EKS`, `GKE`, `OpenShift`, `FluxCD` | `List all available Kustomization objects`, `Get details for unready Kustomizations` | This codebundle runs a series of tasks to identify potential Kustomization issues related to Flux managed Kustomization objects. [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-fluxcd-kustomization-health) | | [Kubernetes Image Check](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-image-check/runbook.robot) | `Kubernetes`, `AKS`, `EKS`, `GKE`, `OpenShift` | `Check Image Rollover Times In Namespace`, `List Images and Tags for Every Container in Running Pods`, `List Images and Tags for Every Container in Failed Pods`, `List ImagePullBackOff Events and Test Path and Tags` | This taskset provides detailed information about the images used in a Kubernetes namespace. [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-image-check) | +| [Kubernetes Ingress GCE & GCP HTTP Load Balancer Healthcheck](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-ingress-gce-healthcheck/runbook.robot) | `Kubernetes`, `GKE`, `GCE`, `GCP` | `Search For GCE Ingress Warnings in GKE`, `Identify Unhealthy GCE HTTP Ingress Backends`, `Validate GCP HTTP Load Balancer Configurations`, `Fetch Network Error Logs from GCP Operations Manager for Ingress Backends`, `Review GCP Operations Logging Dashboard` | Troubleshoot GCE Ingress Resources related to GCP HTTP Load Balancer in GKE [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-ingress-gce-healthcheck) | | [Kubernetes Ingress Healthcheck](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-ingress-healthcheck/runbook.robot) | `Kubernetes`, `AKS`, `EKS`, `GKE`, `OpenShift` | `Fetch Ingress Object Health in Namespace` | Triages issues related to a ingress objects and services. [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-ingress-healthcheck) | | [Kubernetes Jenkins Healthcheck](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-jenkins-healthcheck/runbook.robot) | `Kubernetes`, `AKS`, `EKS`, `GKE`, `OpenShift`, `Jenkins` | `Query The Jenkins Kubernetes Workload HTTP Endpoint`, `Query For Stuck Jenkins Jobs` | This taskset collects information about perstistent volumes and persistent volume claims to validate health or help troubleshoot potential issues. [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-jenkins-healthcheck) | | [Kubernetes Labeled Pod Count](https://github.com/runwhen-contrib/rw-cli-codecollection/blob/main/codebundles/k8s-labeledpods-healthcheck/sli.robot) | `Kubernetes`, `AKS`, `EKS`, `GKE`, `OpenShift` | `Measure Number of Running Pods with Label` | This codebundle fetches the number of running pods with the set of provided labels, letting you measure the number of running pods. [Docs](https://docs.runwhen.com/public/v/cli-codecollection/k8s-labeledpods-healthcheck) | diff --git a/SUMMARY.md b/SUMMARY.md index dcadd4cb..e739128f 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -1,34 +1,35 @@ # Summary ## Codebundles -* [k8s-jenkins-healthcheck](codebundles/k8s-jenkins-healthcheck/README.md) -* [k8s-namespace-healthcheck](codebundles/k8s-namespace-healthcheck/README.md) -* [k8s-pvc-healthcheck](codebundles/k8s-pvc-healthcheck/README.md) -* [k8s-vault-healthcheck](codebundles/k8s-vault-healthcheck/README.md) +* [k8s-deployment-healthcheck](codebundles/k8s-deployment-healthcheck/README.md) * [k8s-fluxcd-helm-health](codebundles/k8s-fluxcd-helm-health/README.md) -* [k8s-image-check](codebundles/k8s-image-check/README.md) -* [k8s-daemonset-healthcheck](codebundles/k8s-daemonset-healthcheck/README.md) -* [k8s-statefulset-healthcheck](codebundles/k8s-statefulset-healthcheck/README.md) -* [k8s-argocd-application-health](codebundles/k8s-argocd-application-health/README.md) -* [curl-http-ok](codebundles/curl-http-ok/README.md) -* [gcloud-node-preempt](codebundles/gcloud-node-preempt/README.md) -* [k8s-artifactory-health](codebundles/k8s-artifactory-health/README.md) +* [k8s-argocd-helm-health](codebundles/k8s-argocd-helm-health/README.md) +* [k8s-certmanager-healthcheck](codebundles/k8s-certmanager-healthcheck/README.md) +* [gcloud-log-inspection](codebundles/gcloud-log-inspection/README.md) * [k8s-serviceaccount-check](codebundles/k8s-serviceaccount-check/README.md) -* [curl-gmp-kong-ingress-inspection](codebundles/curl-gmp-kong-ingress-inspection/README.md) * [k8s-chaos-flux](codebundles/k8s-chaos-flux/README.md) -* [curl-gmp-nginx-ingress-inspection](codebundles/curl-gmp-nginx-ingress-inspection/README.md) +* [curl-http-ok](codebundles/curl-http-ok/README.md) * [aws-eks-node-reboot](codebundles/aws-eks-node-reboot/README.md) -* [k8s-argocd-helm-health](codebundles/k8s-argocd-helm-health/README.md) -* [k8s-ingress-healthcheck](codebundles/k8s-ingress-healthcheck/README.md) +* [k8s-argocd-application-health](codebundles/k8s-argocd-application-health/README.md) +* [curl-gmp-nginx-ingress-inspection](codebundles/curl-gmp-nginx-ingress-inspection/README.md) +* [k8s-daemonset-healthcheck](codebundles/k8s-daemonset-healthcheck/README.md) +* [curl-gmp-kong-ingress-inspection](codebundles/curl-gmp-kong-ingress-inspection/README.md) +* [k8s-artifactory-health](codebundles/k8s-artifactory-health/README.md) * [k8s-redis-healthcheck](codebundles/k8s-redis-healthcheck/README.md) * [k8s-fluxcd-kustomization-health](codebundles/k8s-fluxcd-kustomization-health/README.md) -* [gcloud-log-inspection](codebundles/gcloud-log-inspection/README.md) -* [k8s-certmanager-healthcheck](codebundles/k8s-certmanager-healthcheck/README.md) -* [k8s-deployment-healthcheck](codebundles/k8s-deployment-healthcheck/README.md) +* [k8s-image-check](codebundles/k8s-image-check/README.md) * [aws-cloudwatch-overused-ec2](codebundles/aws-cloudwatch-overused-ec2/README.md) +* [k8s-statefulset-healthcheck](codebundles/k8s-statefulset-healthcheck/README.md) +* [k8s-ingress-gce-healthcheck](codebundles/k8s-ingress-gce-healthcheck/README.md) +* [k8s-vault-healthcheck](codebundles/k8s-vault-healthcheck/README.md) +* [k8s-jenkins-healthcheck](codebundles/k8s-jenkins-healthcheck/README.md) +* [k8s-pvc-healthcheck](codebundles/k8s-pvc-healthcheck/README.md) +* [k8s-ingress-healthcheck](codebundles/k8s-ingress-healthcheck/README.md) +* [gcloud-node-preempt](codebundles/gcloud-node-preempt/README.md) +* [k8s-namespace-healthcheck](codebundles/k8s-namespace-healthcheck/README.md) ## Keywords +* [CLI](libraries/.docs/CLI.md) * [stdout_parser](libraries/.docs/stdout_parser.md) * [cli_utils](libraries/.docs/cli_utils.md) * [json_parser](libraries/.docs/json_parser.md) -* [CLI](libraries/.docs/CLI.md) diff --git a/codebundles/k8s-ingress-gce-healthcheck/meta.yaml b/codebundles/k8s-ingress-gce-healthcheck/meta.yaml new file mode 100644 index 00000000..6befef72 --- /dev/null +++ b/codebundles/k8s-ingress-gce-healthcheck/meta.yaml @@ -0,0 +1,207 @@ +commands: +- command: INGRESS_NAME=${INGRESS}; NAMESPACE=${NAMESPACE}; CONTEXT=${CONTEXT}; kubectl + get events -n $NAMESPACE --context $CONTEXT --field-selector involvedObject.kind=Ingress,involvedObject.name=$INGRESS_NAME,type!=Normal; + for SERVICE_NAME in $(kubectl get ingress $INGRESS_NAME -n $NAMESPACE --context + $CONTEXT -o=jsonpath='{.spec.rules[*].http.paths[*].backend.service.name}'); do + kubectl get events -n $NAMESPACE --context $CONTEXT --field-selector involvedObject.kind=Service,involvedObject.name=$SERVICE_NAME,type!=Normal; + done + doc_links: ' + + - [Kubernetes Documentation for ''kubectl get events'' command](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get-events){:target="_blank"} + + - [Kubernetes Documentation for ''kubectl get ingress'' command](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#get-ingress){:target="_blank"} + + - [Kubernetes Concepts: Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/){:target="_blank"}' + explanation: "\n\nThis command checks events for an Ingress and any related Services.\ + \ It takes Ingress name, Namespace, and Context as parameters in order to better\ + \ control the scope of what Kubernetes resources are being observed. \n\nThe first\ + \ portion of the command uses the kubectl get events command to look up any non-normal\ + \ events related to the specified Ingress. Then, it enumerates through each related\ + \ Service using a jsonpath query and executes the same kubectl get events command\ + \ on each service in order to check for any additional associated events." + multi_line_details: "\n\n#gather environment variables \nINGRESS_NAME=${INGRESS}\n\ + NAMESPACE=${NAMESPACE}\nCONTEXT=${CONTEXT}\n\n#get the events related to the ingress\ + \ object\nkubectl get events -n $NAMESPACE --context $CONTEXT \\\n --field-selector\ + \ \\\n involvedObject.kind=Ingress,\\\n involvedObject.name=$INGRESS_NAME,\\\ + \n type!=Normal\n\n#loop through the services associated with the ingress\n\ + for SERVICE_NAME in $(kubectl get ingress $INGRESS_NAME -n $NAMESPACE --context\ + \ $CONTEXT \\\n -o=jsonpath='{.spec.rules[*].http.paths[*].backend.service.name}');\ + \ \ndo \n\n #for each service, get the events related to that service object\ + \ \n kubectl get events -n $NAMESPACE --context $CONTEXT \\\n --field-selector\ + \ \\\n involvedObject.kind=Service,\\\n involvedObject.name=$SERVICE_NAME,\\\ + \n type!=Normal\ndone" + name: search_for_gce_ingress_warnings_in_gke +- command: 'INGRESS_NAME=${INGRESS}; NAMESPACE=${NAMESPACE}; CONTEXT=${CONTEXT}; kubectl + get ingress $INGRESS_NAME -n $NAMESPACE --context $CONTEXT -o=json | jq -r ''.metadata.annotations["ingress.kubernetes.io/backends"] + | fromjson | to_entries[] | select(.value != "HEALTHY") | "Backend: " + .key + + " Status: " + .value''' + doc_links: ' + + - [Kubernetes Ingress Documentation](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#ingress-v1-networking-k8s-io){:target="_blank"} + + - [jq documentation for JSON manipulation](https://stedolan.github.io/jq/){:target="_blank"} + + - [The official jq manual](https://www.manpagez.com/man/1/jq/){:target="_blank"}' + explanation: ' + + + This command is used to obtain the statuses of all backends associated with a + specific Kubernetes ingress. It uses kubectl, which is a command line tool to + work with Kubernetes objects, and passes in some variables such as $INGRESS, $NAMESPACE, + and $CONTEXT. The output is then further processed by jq, a command line JSON + processor, to obtain the backend key and status value. This can be useful to check + if any backend related to an Ingress is unhealthy or not.' + multi_line_details: "\n\n# First set up environment variables for the ingress name,\ + \ namespace, and context\nINGRESS_NAME=${INGRESS}\nNAMESPACE=${NAMESPACE}\nCONTEXT=${CONTEXT}\n\ + \n# Get all of the annotations from the ingress \n# This command uses kubectl\ + \ to communicate with your kubernetes cluster. For more info see here: https://kubernetes.io/docs/reference/kubectl/overview/\n\ + ingressAnnotations=$(kubectl get ingress $INGRESS_NAME -n $NAMESPACE --context\ + \ $CONTEXT -o=json) \n\n# Massage the output using json tools to figure out which\ + \ backend status is not healthy\n# jq is a tool for processing json input (more\ + \ info here: https://stedolan.github.io/jq/tutorial/)\nbackendStatus=$(echo $ingressAnnotations\ + \ | jq -r '.metadata.annotations[\"ingress.kubernetes.io/backends\"] | fromjson\ + \ | to_entries[] | select(.value != \"HEALTHY\") | \"Backend: \" + .key + \" Status:\ + \ \" + .value') \n\necho ${backendStatus}" + name: identify_unhealthy_gce_http_ingress_backends +- command: 'INGRESS_NAME=${INGRESS}; NAMESPACE=${NAMESPACE}; CONTEXT=${CONTEXT}; GCP_PROJECT_ID=${GCP_PROJECT_ID};for + backend in $(kubectl get ingress $INGRESS_NAME -n $NAMESPACE --context $CONTEXT + -o=json | jq -r ''.metadata.annotations["ingress.kubernetes.io/backends"] | fromjson + | to_entries[] | select(.value != "HEALTHY") | .key''); do echo "Backend: \${backend}" + && gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS + && gcloud logging read ''severity="ERROR" AND resource.type="gce_network" AND + protoPayload.resourceName=~"''\${backend}''"'' --freshness=1d --limit=50 --project + "$GCP_PROJECT_ID" --format=json | jq ''[.[] | {timestamp: .timestamp, ip: .protoPayload.request.networkEndpoints[].ipAddress, + message: .protoPayload.response.error.message}] | group_by(.message) | map(max_by(.timestamp)) + | .[] | (.timestamp + " | IP: " + .ip + " | Error: " + .message)''; done' + doc_links: ' + + - [Kubernetes Documentation - Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/){:target="_blank"} + + - [jq - Command Line JSON Processor](https://stedolan.github.io/jq/){:target="_blank"} + + - [Google Cloud gcloud logging read Command Reference](https://cloud.google.com/sdk/gcloud/reference/logging/read){:target="_blank"} + + - [Google JSON Key file information](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#sa-key-json-file){:target="_blank"}' + explanation: "\n\nThis command is for troubleshooting Ingress resources within Kubernetes.\ + \ It uses the GCP Project ID, Ingress NAME, NAMESPACE and CONTEXT provided to\ + \ output error messages related to backends that aren't HEALTHY. It first makes\ + \ sure that the service account for GCloud can be used with 'gcloud auth activate-service-acccount'\ + \ and then it reads the errors using GCloud logging with 'gcloud logging read'.\ + \ The command is filtered to severity ERROR, about a network of type \u2018gce_network\u2019\ + , associated with backend provided by the Ingress resource, and is limited to\ + \ entries of the last day. Finally, 'jq' is used to output the timestamp, IP address,\ + \ and error message related to each backend specified in the Ingress resources." + multi_line_details: " \n\n# Get name of ingress resource and namespace it's in,\ + \ along with context and GCP project ID \nINGRESS_NAME=${INGRESS}\nNAMESPACE=${NAMESPACE}\n\ + CONTEXT=${CONTEXT}\nGCP_PROJECT_ID=${GCP_PROJECT_ID}\n\n# Use kubectl to get a\ + \ json file that contains annotations about the ingress (metadata about the resources)\ + \ \nJSON=$(kubectl get ingress $INGRESS_NAME -n $NAMESPACE --context $CONTEXT\ + \ -o=json)\n\n# Extract backends from JSON using jq to parse it\nBACKENDS=$(echo\ + \ $JSON | jq -r '.metadata.annotations[\"ingress.kubernetes.io/backends\"] | fromjson\ + \ | to_entries[] | select(.value != \"HEALTHY\") | .key') \n\n# Iterate over each\ + \ backend\nfor backend in $BACKENDS; do \n # Print out the backend name for\ + \ reference\n echo \"Backend: \\${backend}\"\n \n # Authenticate with\ + \ gcloud\n gcloud auth activate-service-account --key-file=$GOOGLE_APPLICATION_CREDENTIALS\n\ + \n # Fetch error log entries from logging API for the past day\n ERROR_LOGS=$(gcloud\ + \ logging read 'severity=\"ERROR\" AND resource.type=\"gce_network\" AND protoPayload.resourceName=~\"\ + '$backend'\"' --freshness=1d --limit=50 --project \"$GCP_PROJECT_ID\" --format=json)\n\ + \n # Parse each log entry in logs returned by logging API, and print out relevant\ + \ information\n LOGS=$(echo $ERROR_LOGS | jq '[.[] | {timestamp: .timestamp,\ + \ ip: .protoPayload.request.networkEndpoints[].ipAddress, message: .protoPayload.response.error.message}]\ + \ | group_by(.message) | map(max_by(.timestamp)) | .[] | (.timestamp + \" | IP:\ + \ \" + .ip + \" | Error: \" + .message)') \ndone" + name: fetch_network_error_logs_from_gcp_operations_manager_for_ingress_backends +- command: INGRESS=${INGRESS}; NAMESPACE=${NAMESPACE}; CONTEXT=${CONTEXT}; FORWARDING_RULE=$(kubectl + get ingress $INGRESS -n $NAMESPACE --context $CONTEXT -o=jsonpath='{.metadata.annotations.ingress\.kubernetes\.io/forwarding-rule}') + && URL_MAP=$(kubectl get ingress $INGRESS -n $NAMESPACE --context $CONTEXT -o=jsonpath='{.metadata.annotations.ingress\.kubernetes\.io/url-map}') + && TARGET_PROXY=$(kubectl get ingress $INGRESS -n $NAMESPACE --context $CONTEXT + -o=jsonpath='{.metadata.annotations.ingress\.kubernetes\.io/target-proxy}') && + LOG_QUERY="resource.type=\"http_load_balancer\" AND resource.labels.forwarding_rule_name=\"$FORWARDING_RULE\" + AND resource.labels.target_proxy_name=\"$TARGET_PROXY\" AND resource.labels.url_map_name=\"$URL_MAP\"" + && ENCODED_LOG_QUERY=$(echo $LOG_QUERY | sed -e 's| |%20|g' -e 's|"|%22|g' -e + 's|(|%28|g' -e 's|)|%29|g' -e 's|=|%3D|g' -e 's|/|%2F|g') && GCP_LOGS_URL="https://console.cloud.google.com/logs/query;query=$ENCODED_LOG_QUERY?project=$GCP_PROJECT_ID" + && echo $GCP_LOGS_URL + doc_links: ' + + - [Documentation for Kubernetes ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/){:target="_blank"} + + - [Documentation for jsonpath query language](https://kubernetes.io/docs/reference/kubectl/jsonpath/){:target="_blank"} + + - [Documentation for Google Cloud Platform Logs Viewer](https://cloud.google.com/logging/docs/view/overview){:target="_blank"}' + explanation: "\n\nThe command above allows you to get the GCP logging URL for a\ + \ specific Kubernetes Ingress resource. It retrieves the associated Forwarding\ + \ Rule, URL Map and Target Proxy annotations to build the query string that will\ + \ point to the GCP Logging URL. The command can be simplified as follows:\n\n\ + 1. Retrieve the Ingress name, namespace, and context from environment variables.\ + \ \n2. Use `kubectl` to extract the references to the associated Forwarding Rule,\ + \ URL Map, and Target Proxy annotations.\n3. Prepare the log query by encoding\ + \ it and replacing spaces (\u201C \u201D), double quotes (\u201C\"\u2019), parentheses\ + \ (\"(\" and \")\"), and certain symbols such as equal sign (\"=\") and slash\ + \ (\"/\") with the corresponding encoded characters (%20, %22, %28, %29, %3D,\ + \ and %2F respectively).\n4. Construct the GCP Logging URL by combining the encoded\ + \ query with the project ID.\n5. Output the GCP Logging URL." + multi_line_details: "\n\n#This command is to retrieve and output the Google Cloud\ + \ Logs URL of a Kubernetes Ingress. It has been split into several lines for enhanced\ + \ readability.\n#We first store the variables for the namespace, context and ingress\ + \ in seperate variables:\nINGRESS=${INGRESS}\nNAMESPACE=${NAMESPACE}\nCONTEXT=${CONTEXT}\n\ + \n#We use the kubectl command to retrieve the forwarding-rule, url-map and target-proxy\ + \ of the ingress defined by the variables from above\nFORWARDING_RULE=$(kubectl\ + \ get ingress $INGRESS -n $NAMESPACE --context $CONTEXT -o=jsonpath='{.metadata.annotations.ingress\\\ + .kubernetes\\.io/forwarding-rule}')\nURL_MAP=$(kubectl get ingress $INGRESS -n\ + \ $NAMESPACE --context $CONTEXT -o=jsonpath='{.metadata.annotations.ingress\\\ + .kubernetes\\.io/url-map}')\nTARGET_PROXY=$(kubectl get ingress $INGRESS -n $NAMESPACE\ + \ --context $CONTEXT -o=jsonpath='{.metadata.annotations.ingress\\.kubernetes\\\ + .io/target-proxy}')\n\n#We then assemble a string which contains the log query\ + \ we want to execute against Google Cloud Logs.\nLOG_QUERY=\"resource.type=\\\"\ + http_load_balancer\\\" AND resource.labels.forwarding_rule_name=\\\"$FORWARDING_RULE\\\ + \" AND resource.labels.target_proxy_name=\\\"$TARGET_PROXY\\\" AND resource.labels.url_map_name=\\\ + \"$URL_MAP\\\"\"\n\n#Google Cloud logs requires certain characters in its URL\ + \ strings to be URL encoded, so that it can correctly decode and interpret them.\ + \ As such, we encode our query string as an URL. \nENCODED_LOG_QUERY=$(echo $LOG_QUERY\ + \ | sed -e 's| |%20|g' -e 's|\"|%22|g' -e 's|(|%28|g' -e 's|)|%29|g' -e 's|=|%3D|g'\ + \ -e 's|/|%2F|g')\n\n#We assemble the complete URL for the log query.\nGCP_LOGS_URL=\"\ + https://console.cloud.google.com/logs/query;query=$ENCODED_LOG_QUERY?project=$GCP_PROJECT_ID\"\ + \n\n#Finally, we output the URL\necho $GCP_LOGS_URL" + name: review_gcp_operations_logging_dashboard +- command: INGRESS=${INGRESS}; NAMESPACE=${NAMESPACE}; CONTEXT=${CONTEXT}; QUERY="resource.type=\"gce_network\"" + && for backend in $(kubectl get ingress $INGRESS -n $NAMESPACE --context $CONTEXT + -o=json | jq -r '.metadata.annotations["ingress.kubernetes.io/backends"] | fromjson + | to_entries[] | select(.value != "HEALTHY") | .key'); do QUERY="$QUERY AND protoPayload.resourceName=~\"$backend\""; + done && ENCODED_QUERY=$(echo $QUERY | jq -sRr @uri) && DASHBOARD_URL="https://console.cloud.google.com/logs/query;query=$ENCODED_QUERY?project=$GCP_PROJECT_ID" + && echo $DASHBOARD_URL + doc_links: ' + + - [Kubectl documentation](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands){:target="_blank"} + + - [Google Cloud Platform logs documentation](https://cloud.google.com/logging/docs/){:target="_blank"} + + - [JSON manipulation with jq](https://stedolan.github.io/jq/){:target="_blank"}' + explanation: ' + + + This command allows you to get the URL of a logs dashboard on the Google Cloud + Platform (GCP). It is used to view Kubernetes Ingress logs for a specific namespace + in a given context. The first part checks the annotations field of an Ingress + object and collects all the resources (typically GCE Networks) associated with + it. This set of resource names is then added to a query which is then encoded + and appended to the dashboard URL, including the GCP project ID. Finally, the + URL is printed to the console.' + multi_line_details: "\n\n# Define environmental variables for ease of use and for\ + \ more clarity\nINGRESS=\"${INGRESS}\"\nNAMESPACE=\"${NAMESPACE}\" \nCONTEXT=\"\ + ${CONTEXT}\"\nQUERY=\"resource.type=\\\"gce_network\\\"\"\n\n# Use kubectl to\ + \ get the ingress that was specified through the environmental variable $INGRESS\n\ + # Add a namespace to this appendant (set through environmental variable $KUBERNETES)\n\ + # Use the context that is set through the environmental variable $CONTEXT\n# Create\ + \ an output as json\nbackend=$(kubectl get ingress ${INGRESS} -n ${NAMESPACE}\ + \ --context ${CONTEXT} -o=json)\n\n# Use jq to query the data inside backend,\ + \ so we create a list of backends that have value different than 'HEALTHY'\nfor\ + \ backend in $(echo ${backend} | jq -r '.metadata.annotations[\"ingress.kubernetes.io/backends\"\ + ] | fromjson | to_entries[] | select(.value != \"HEALTHY\") | .key'); do\n #\ + \ Append the new fetched backend to the initial created query\n QUERY=\"$QUERY\ + \ AND protoPayload.resourceName=~\\\"$backend\\\"\";\ndone\n\n# Echo out the final\ + \ query in a URI encoded format\nENCODED_QUERY=$(echo $QUERY | jq -sRr @uri)\n\ + \n# Get the GCP project ID from the existing environmental variable $GCP_PROJECT_ID\n\ + # Create a Dashboard URL that can be used to search query logs in the Google Cloud\ + \ Platform Console\nDASHBOARD_URL=\"https://console.cloud.google.com/logs/query;query=${ENCODED_QUERY}?project=${GCP_PROJECT_ID}\"\ + \n\n# Echo out the final URL that can be used in the browser\necho ${DASHBOARD_URL}" + name: review_gcp_operations_logging_dashboard diff --git a/codebundles/k8s-podresources-health/meta.yaml b/codebundles/k8s-podresources-health/meta.yaml index d3f3f8f5..9c4d31b9 100644 --- a/codebundles/k8s-podresources-health/meta.yaml +++ b/codebundles/k8s-podresources-health/meta.yaml @@ -66,9 +66,7 @@ commands: - [Kubernetes Documentation - Kubernetes labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/){:target="_blank"} - - [Kubernetes Documentation - Field Selector Syntax](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#field-selectors){:target="_blank"} - - - [Shell Scripting Tutorial - Understanding jq](https://www.shellscript.sh/jq.html){:target="_blank"}' + - [Kubernetes Documentation - Field Selector Syntax](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands#field-selectors){:target="_blank"}' explanation: ' diff --git a/libraries/.docs/CLI.md b/libraries/.docs/CLI.md index cf6dd17c..4b8b20d5 100644 --- a/libraries/.docs/CLI.md +++ b/libraries/.docs/CLI.md @@ -25,12 +25,13 @@ Deletes the shell history up to this point and returns it as a string for displa #### execute\_command ```python -def execute_command(cmd: str, - service: platform.Service = None, - request_secrets: list[ - platform.ShellServiceRequestSecret] = None, - env: dict = None, - files: dict = None) -> platform.ShellServiceResponse +def execute_command( + cmd: str, + service: platform.Service = None, + request_secrets: list[platform.ShellServiceRequestSecret] = None, + env: dict = None, + files: dict = None, + timeout_seconds: int = 60) -> platform.ShellServiceResponse ``` Handle split between shellservice command and local process discretely. @@ -61,6 +62,7 @@ def run_bash_file(bash_file: str, env: dict = None, include_in_history: bool = True, cmd_overide: str = "", + timeout_seconds: int = 60, **kwargs) -> platform.ShellServiceResponse ``` @@ -93,6 +95,7 @@ def run_cli(cmd: str, optional_namespace: str = "", optional_context: str = "", include_in_history: bool = True, + timeout_seconds: int = 60, **kwargs) -> platform.ShellServiceResponse ```