Steadybit extension-kubernetes
A Steadybit extension implementation for Kubernetes.
Learn about the capabilities of this extension in our Reliability Hub.
Configuration
| Environment Variable | Helm value | Meaning | required | default |
|---|---|---|---|---|
| STEADYBIT_EXTENSION_KUBERNETES_CLUSTER_NAME | kubernetes.clusterName | The name of the Kubernetes cluster | yes | |
| STEADYBIT_EXTENSION_DISABLE_DISCOVERY_EXCLUDES | discovery.disableExcludes | Ignore discovery excludes specified by steadybit.com/discovery-disabled | false | false |
| STEADYBIT_EXTENSION_LABEL_FILTER | | These labels will be ignored and not added to the discovered targets | false | controller-revision-hash,pod-template-generation,pod-template-hash |
| STEADYBIT_EXTENSION_ACTIVE_ADVICE_LIST | advice.enabled | List of active advice definitions, default is all (*). You can define a list of active adviceDefinitionId. See UI -> Settings -> Extension -> Advice -> Column: ID | false | * |
| STEADYBIT_EXTENSION_ADVICE_EXCLUDE_QUERY | advice.excludeTargetQuery | All targets matching this query will be excluded from advice generation. | false | * |
| STEADYBIT_EXTENSION_ADVICE_SINGLE_REPLICA_MIN_REPLICAS | | Minimal required replicas for the "Redundant Pod" advice | false | 2 |
| STEADYBIT_EXTENSION_DISCOVERY_ATTRIBUTES_EXCLUDES_CONTAINER | discovery.attributes.excludes.container | List of Target Attributes which will be excluded during container discovery. Checked by key equality and supporting trailing "*" | false | |
| STEADYBIT_EXTENSION_DISCOVERY_ATTRIBUTES_EXCLUDES_DEPLOYMENT | discovery.attributes.excludes.deployment | List of Target Attributes which will be excluded during deployment discovery. Checked by key equality and supporting trailing "*" | false | |
| STEADYBIT_EXTENSION_DISCOVERY_ATTRIBUTES_EXCLUDES_DAEMON_SET | discovery.attributes.excludes.daemonSet | List of Target Attributes which will be excluded during daemonSet discovery. Checked by key equality and supporting trailing "*" | false | |
| STEADYBIT_EXTENSION_DISCOVERY_ATTRIBUTES_EXCLUDES_STATEFUL_SET | discovery.attributes.excludes.statefulSet | List of Target Attributes which will be excluded during statefulSet discovery. Checked by key equality and supporting trailing "*" | false | |
| STEADYBIT_EXTENSION_DISCOVERY_ATTRIBUTES_EXCLUDES_POD | discovery.attributes.excludes.pod | List of Target Attributes which will be excluded during pod discovery. Checked by key equality and supporting trailing "*" | false | |
| STEADYBIT_EXTENSION_DISCOVERY_DISABLED_REPLICA_SET | discovery.disabled.replicaSet | Disables discovery of ReplicaSets in favor of discovering Deployments, StatefulSets, DaemonSets, etc. | false | true |
| STEADYBIT_EXTENSION_DISCOVERY_MAX_POD_COUNT | discovery.maxPodCount | Skip listing pods, containers and hosts for deployments, statefulsets, etc. if there are more than the given pods. | false | 50 |
| STEADYBIT_EXTENSION_DISCOVERY_REFRESH_THROTTLE | discovery.refreshThrottle | Number of seconds between successive refreshes of the target data. | false | 20 |
| STEADYBIT_EXTENSION_DISCOVERY_INFORMER_RESYNC | | Number of seconds until a full refresh of the internal Kubernetes cache. | false | 600 |
| STEADYBIT_EXTENSION_NAMESPACE | Release.Namespace | The namespace of the extension. If the env var is set, discovery is limited to that namespace | false | default |

The extension supports all environment variables provided by steadybit/extension-kit.
Permissions
The process requires access rights to interact with the Kubernetes API (permissions in helm chart).
The cluster role for the extension requires "read" permissions for the different kinds of workloads in the cluster.
If the permission is not granted for a specific resource type, resources of that type will not be discovered and cannot be attacked.
To run the different attacks, "write" permissions are required:
- Scale Deployment/StatefulSet/DaemonSet: update, patch on the workload type
- Rollout Restart Deployment: patch on deployment
- Delete Pod Attack: delete on pod
- Crash Loop Pod: create on pod/exec; the target container also needs to have an sh and a kill binary
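
To keep the extension's cluster role at least privilege, the write grants in a role can be compared against the list above. The following is an added example, not code from the extension or its helm chart: the attack labels, the sample ClusterRole and the mapping to RBAC resource names and API groups are assumptions made for illustration.

```python
import json

# Write grants per attack, from the list above. Attack labels are hypothetical;
# API groups ("apps" for workloads, "" for pods) and the RBAC name "pods/exec"
# are standard Kubernetes naming, assumed here rather than taken from the page.
REQUIRED = {
    "scale": {("apps", r, v) for r in ("deployments", "statefulsets", "daemonsets")
              for v in ("update", "patch")},
    "rollout-restart": {("apps", "deployments", "patch")},
    "delete-pod": {("", "pods", "delete")},
    "crash-loop": {("", "pods/exec", "create")},
}
WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection"}

def covers(grant, need):
    """True if a (group, resource, verb) grant satisfies a need; bare "*" matches anything."""
    return all(g in ("*", n) for g, n in zip(grant, need))

def audit(cluster_role, enabled_attacks):
    """Return (missing, excess) write grants for the attacks you intend to run."""
    needed = set()
    for attack in enabled_attacks:
        needed |= REQUIRED[attack]
    granted = {
        (g, r, v)
        for rule in cluster_role.get("rules", [])
        for g in rule.get("apiGroups", [])
        for r in rule.get("resources", [])
        for v in rule.get("verbs", [])
        if v in WRITE_VERBS or v == "*"   # read verbs are out of scope here
    }
    missing = sorted(n for n in needed if not any(covers(g, n) for g in granted))
    excess = sorted(granted - needed)     # wildcards always land here
    return missing, excess

# Constructed sample in the shape of `kubectl get clusterrole <name> -o json`.
SAMPLE = json.loads("""{"kind": "ClusterRole", "rules": [
  {"apiGroups": ["apps"], "resources": ["deployments", "statefulsets"],
   "verbs": ["get", "list", "watch", "patch"]},
  {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "watch", "delete"]},
  {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "update"]}
]}""")

if __name__ == "__main__":
    missing, excess = audit(SAMPLE, ["rollout-restart", "delete-pod", "crash-loop"])
    print("missing:", missing)
    print("excess: ", excess)
```

Grants reported as excess are write permissions that none of the selected attacks needs; grants reported as missing mean the corresponding attack will fail.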
Installation
Kubernetes
Detailed information about agent and extension installation in Kubernetes can also be found in our documentation.
Recommended (via agent helm chart)
All extensions provide a helm chart that is also integrated in the
helm-chart of the agent.
The extension is installed by default when you install the agent.
You must provide additional values to configure this extension.
```sh
--set extension-kubernetes.kubernetes.clusterName=<NAME_OF_YOUR_CLUSTER> \
```
Additional configuration options can be found in the helm-chart of the extension.
Alternative (via own helm chart)
If you need more control, you can install the extension via its
dedicated helm-chart.
```sh
helm repo add steadybit-extension-kubernetes https://steadybit.github.io/extension-kubernetes
helm repo update
helm upgrade steadybit-extension-kubernetes \
    --install \
    --wait \
    --timeout 5m0s \
    --create-namespace \
    --namespace steadybit-agent \
    --set kubernetes.clusterName=<NAME_OF_YOUR_CLUSTER> \
    steadybit-extension-kubernetes/steadybit-extension-kubernetes
```
Advanced Configuration
enabling/disabling advice
You can disable any advice by setting the helm chart value --set advice.enabled={} or by passing a list of the advice IDs you want to enable (e.g. --set advice.enabled={com.steadybit.extension_kubernetes.advice.k8s-single-replica,com.steadybit.extension_kubernetes.advice.single-zone}).
excluding targets from advice generation
You can exclude targets from advice generation by specifying a target query in the chart value advice.excludeTargetQuery.
For example, to exclude all targets in the "kube-system" namespace you can set the value to k8s.namespace = "kube-system".
Extension registration
Make sure that the extension is registered with the agent. In most cases this is done automatically. Please refer to the documentation for more information about extension registration and how to verify.
mark resources as "do not discover"
To exclude a deployment / namespace / pod from discovery, add the label "steadybit.com/discovery-disabled": "true" to the resource labels.
Version and Revision
The version and revision of the extension:
- are printed during the startup of the extension
- are added as a Docker label to the image
- are available via the version.txt/revision.txt files in the root of the image