Skip to content

Commit 1105645

Browse files
agapoffagapoff
committed
Add -e key for excluding object names
1 parent e0f97f1 commit 1105645

File tree

2 files changed

+73
-42
lines changed

2 files changed

+73
-42
lines changed

README.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ Nagios-style checks against Kubernetes API. Designed for usage with Nagios, Icin
1111
## Script usage
1212

1313
Usage $0 [-m <MODE>|-h] [-o <TIMEOUT>] [-H <APISERVER> [-T <TOKEN>|-t <TOKENFILE>]] [-K <KUBE_CONFIG>]
14-
[-N <NAMESPACE>] [-n <NAME>] [-w <WARN>] [-c <CRIT>] [-v]
14+
[-N <NAMESPACE>] [-n <NAME>] [-r <EXCLUDE>] [-E <EXCLUDENS>] [-w <WARN>] [-c <CRIT>] [-v]
1515

1616
Options are:
1717
-m MODE Which check to perform
@@ -21,7 +21,8 @@ Nagios-style checks against Kubernetes API. Designed for usage with Nagios, Icin
2121
-K KUBE_CONFIG Path to kube-config file for kubectl utility
2222
-N NAMESPACE Optional namespace for some modes. By default all namespaces will be used
2323
-n NAME Optional deployment name or pod app label depending on the mode being used. By default all objects will be checked
24-
-E EXCLUDENS Optional exclusion of Namespaces as List seperated by comma. Example: -E dynatrace,trivy,version-report
24+
-e EXCLUDE Optional exclusion of the objects names as a list of patterms seperated by comma. Example: -e redis,^testpod
25+
-E EXCLUDENS Optional exclusion of namespaces as a list of patterms seperated by comma. Example: -E test,^kube,^version-report$
2526
-o TIMEOUT Timeout in seconds; default is 15
2627
-w WARN Warning threshold for
2728
- TLS expiration days for TLS mode; default is 30

check_kubernetes.sh

Lines changed: 70 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
usage() {
1212
cat <<- EOF
1313
Usage $0 [-m <MODE>|-h] [-o <TIMEOUT>] [-H <APISERVER> [-T <TOKEN>|-t <TOKENFILE>]] [-K <KUBE_CONFIG>]
14-
[-N <NAMESPACE>] [-n <NAME>] [-E <EXCLUDENS>] [-w <WARN>] [-c <CRIT>] [-v]
14+
[-N <NAMESPACE>] [-n <NAME>] [-r <EXCLUDE>] [-E <EXCLUDENS>] [-w <WARN>] [-c <CRIT>] [-v]
1515
1616
Options are:
1717
-m MODE Which check to perform
@@ -20,8 +20,9 @@ usage() {
2020
-t TOKENFILE Path to file with token in it
2121
-K KUBE_CONFIG Path to kube-config file for kubectl utility
2222
-N NAMESPACE Optional namespace for some modes. By default all namespaces will be used
23-
-n NAME Optional deployment name or pod app label depending on the mode being used. By default all objects will be checked
24-
-E EXCLUDENS Optional exclusion of Namespaces patterns as List seperated by comma. Example: -E test,^kube,^version-report$
23+
-n NAME Optional name of the object depending on the mode being used. By default all objects will be checked
24+
-e EXCLUDE Optional exclusion of the objects names as a list of patterms seperated by comma. Example: -e redis,^testpod
25+
-E EXCLUDENS Optional exclusion of namespaces as a list of patterms seperated by comma. Example: -E test,^kube,^version-report$
2526
-o TIMEOUT Timeout in seconds; default is 15
2627
-w WARN Warning threshold for
2728
- TLS expiration days for TLS mode; default is 30
@@ -61,7 +62,7 @@ usage() {
6162
exit 2
6263
}
6364

64-
VERSION="v1.5.2"
65+
VERSION="v1.5.3"
6566

6667
TIMEOUT=15
6768
unset NAME
@@ -71,7 +72,7 @@ die() {
7172
exit "${2:-2}"
7273
}
7374

74-
while getopts ":m:M:H:T:t:K:N:n:E:o:c:w:h:v" arg; do
75+
while getopts ":m:M:H:T:t:K:N:n:e:E:o:c:w:h:v" arg; do
7576
case $arg in
7677
h) usage ;;
7778
m) MODE="$OPTARG" ;;
@@ -83,6 +84,7 @@ while getopts ":m:M:H:T:t:K:N:n:E:o:c:w:h:v" arg; do
8384
K) export KUBECONFIG="$OPTARG" ;;
8485
N) NAMESPACE="$OPTARG" ;;
8586
n) NAME="$OPTARG" ;;
87+
e) EXCLUDE="$OPTARG" ;;
8688
E) EXCLUDENS="$OPTARG" ;;
8789
w) WARN="$OPTARG" ;;
8890
c) CRIT="$OPTARG" ;;
@@ -315,9 +317,8 @@ mode_tls() {
315317
jq -r ".items[] | select (.type==\"kubernetes.io/tls\")")
316318

317319
if [ "$NAME" ]; then
318-
namespaces=($(echo "$data" | \
319-
jq -r " select(.metadata.name==\"$NAME\") | \
320-
.metadata.namespace" | sort -u))
320+
namespaces=($(echo "$data" | jq -r "select(.metadata.name==\"$NAME\") | \
321+
.metadata.namespace" | sort -u))
321322
else
322323
namespaces=($(echo "$data" | jq -r ".metadata.namespace" | sort -u))
323324
fi
@@ -331,8 +332,13 @@ mode_tls() {
331332
if [ "$NAME" ]; then
332333
certs=("$NAME")
333334
else
334-
certs=($(echo "$data" | jq -r "select(.metadata.namespace==\"$ns\") | \
335-
.metadata.name"))
335+
if [ "$EXCLUDE" ]; then
336+
certs=($(echo "$data" | jq -r "select(.metadata.namespace==\"$ns\") | \
337+
.metadata.name" | grep -vE "${EXCLUDE//,/|}"))
338+
else
339+
certs=($(echo "$data" | jq -r "select(.metadata.namespace==\"$ns\") | \
340+
.metadata.name"))
341+
fi
336342
fi
337343
for cert in "${certs[@]}"; do
338344
notafter=$(echo "$data" | \
@@ -444,14 +450,17 @@ mode_pods() {
444450
for ns in "${namespaces[@]}"; do
445451
nsdata="$(echo "$data" | jq -c -r ".items[] | select(.metadata.namespace==\"$ns\")")"
446452
if [ "$NAME" ]; then
447-
pods=($(echo "$nsdata" | \
448-
jq -r "select(.status.reason!=\"Evicted\" \
449-
and .metadata.labels.app==\"$NAME\") | \
450-
.metadata.name"))
453+
pods=($(echo "$nsdata" | jq -r "select(.status.reason!=\"Evicted\" \
454+
and .metadata.labels.app==\"$NAME\") | \
455+
.metadata.name"))
451456
else
452-
pods=($(echo "$nsdata" | \
453-
jq -r "select(.status.reason!=\"Evicted\") | \
454-
.metadata.name"))
457+
if [ "$EXCLUDE" ]; then
458+
pods=($(echo "$nsdata" | jq -r "select(.status.reason!=\"Evicted\") | \
459+
.metadata.name" | grep -vE "${EXCLUDE//,/|}"))
460+
else
461+
pods=($(echo "$nsdata" | jq -r "select(.status.reason!=\"Evicted\") | \
462+
.metadata.name"))
463+
fi
455464
fi
456465
for pod in "${pods[@]}"; do
457466
containers=($(echo "$nsdata" | \
@@ -490,19 +499,17 @@ mode_pods() {
490499
done
491500

492501
if [ "$EXITCODE" = 0 ]; then
493-
if [ -z "$ns" ]; then
494-
OUTPUT="No pods found"
495-
EXITCODE="$MISSING_EXITCODE"
496-
else
497-
OUTPUT="OK. $count_ready pods ready, $count_succeeded pods succeeded, $count_failed pods not ready\n${OUTPUT}"
498-
fi
499-
else
500-
if [ "$EXITCODE" = 1 ]; then
501-
OUTPUT="WARNING. $count_ready pods ready, $count_succeeded pods succeeded, $count_failed pods not ready\n${OUTPUT}"
502+
if [ -z "$ns" ]; then
503+
OUTPUT="No pods found"
504+
EXITCODE="$MISSING_EXITCODE"
502505
else
503-
OUTPUT="ERROR. $count_ready pods ready, $count_succeeded pods succeeded, $count_failed pods not ready\n${OUTPUT}"
504-
fi
506+
OUTPUT="OK. $count_ready pods ready, $count_succeeded pods succeeded, $count_failed pods not ready\n${OUTPUT}"
505507
fi
508+
elif [ "$EXITCODE" = 1 ]; then
509+
OUTPUT="WARNING. $count_ready pods ready, $count_succeeded pods succeeded, $count_failed pods not ready\n${OUTPUT}"
510+
else
511+
OUTPUT="ERROR. $count_ready pods ready, $count_succeeded pods succeeded, $count_failed pods not ready\n${OUTPUT}"
512+
fi
506513
}
507514

508515
mode_deployments() {
@@ -533,7 +540,11 @@ mode_deployments() {
533540
if [ "$NAME" ]; then
534541
deps=("$NAME")
535542
else
536-
deps=($(echo "$nsdata" | jq -r ".name"))
543+
if [ "$EXCLUDE" ]; then
544+
deps=($(echo "$nsdata" | jq -r ".name" | grep -vE "${EXCLUDE//,/|}"))
545+
else
546+
deps=($(echo "$nsdata" | jq -r ".name"))
547+
fi
537548
fi
538549
for dep in "${deps[@]}"; do
539550
if [[ " ${availdeps[@]} " =~ " $dep " ]]; then
@@ -588,8 +599,13 @@ mode_daemonsets() {
588599
if [ "$NAME" ]; then
589600
daemonsets=("$NAME")
590601
else
591-
daemonsets=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
592-
.metadata.name"))
602+
if [ "$EXCLUDE" ]; then
603+
daemonsets=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
604+
.metadata.name" | grep -vE "${EXCLUDE//,/|}"))
605+
else
606+
daemonsets=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
607+
.metadata.name"))
608+
fi
593609
fi
594610
for ds in "${daemonsets[@]}"; do
595611
declare -A statusArr
@@ -652,9 +668,13 @@ mode_replicasets() {
652668
if [ "$NAME" ]; then
653669
replicasets=("$NAME")
654670
else
655-
replicasets=($(echo "$data" | \
656-
jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
657-
.metadata.name"))
671+
if [ "$EXCLUDE" ]; then
672+
replicasets=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
673+
.metadata.name" | grep -vE "${EXCLUDE//,/|}"))
674+
else
675+
replicasets=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
676+
.metadata.name"))
677+
fi
658678
fi
659679
for rs in "${replicasets[@]}"; do
660680
declare -A statusArr
@@ -713,9 +733,15 @@ mode_statefulsets() {
713733
if [ "$NAME" ]; then
714734
statefulsets=("$NAME")
715735
else
716-
statefulsets=($(echo "$data" | \
717-
jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
718-
.metadata.name"))
736+
if [ "$EXCLUDE" ]; then
737+
statefulsets=($(echo "$data" | \
738+
jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
739+
.metadata.name" | grep -vE "${EXCLUDE//,/|}"))
740+
else
741+
statefulsets=($(echo "$data" | \
742+
jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
743+
.metadata.name"))
744+
fi
719745
fi
720746
for sts in "${statefulsets[@]}"; do
721747
declare -A statusArr
@@ -780,9 +806,13 @@ mode_jobs() {
780806
if [ "$NAME" ]; then
781807
jobs=("$NAME")
782808
else
783-
jobs=($(echo "$data" | \
784-
jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
785-
.metadata.name"))
809+
if [ "$EXCLUDE" ]; then
810+
jobs=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
811+
.metadata.name" | grep -vE "${EXCLUDE//,/|}"))
812+
else
813+
jobs=($(echo "$data" | jq -r ".items[] | select(.metadata.namespace==\"$ns\") | \
814+
.metadata.name"))
815+
fi
786816
fi
787817
for job in "${jobs[@]}"; do
788818
((total_jobs++))

0 commit comments

Comments
 (0)