Skip to main content
Join the official 2019 Python Developers SurveyStart the survey!

Run formal check of Kubernetes configurations using Poodle AI planner

Project description

kubectl-val

License PyPI version Build Status

Overview

kubernetes evicts

kubectl-val is a formal validator for whole kubernetes clusters' configurations using AI planning. It is written in pure Python and translated to PDDL using poodle.

kubectl-val implements a simplified kubernetes model using an object-oriented state machine and searches for any scenario that may lead to a 'failure'. Failures are currently defined as Service having no associated running pods. Other definitions are also possible and are currently work in progress.

Quick Start

Requirements

kubectl-val is written in modern Python and requires Python 3.7+, so please be prepared that if your default script installation uses older Python versions you may have to manually specify the interpreter for the script.

Installation

$ pip install kubectl-val

kubectl-val comes as a simple kubectl plugin, so a working kubectl is a requirement if you want to access real cluster. If you do not have kubectl you can use it just as standalone shell command kubectl-val instead of kubectl val ...

Usage

Checking if creating a resource won't break anything

To try it against sample "broken" kubernetes configurations, use -d option to supply a folder with a collection of Kubernetes resources' stored from kubectl get <...> -o=yaml > <...>.yaml, and try to create a new resource with -f, e.g.:

$ cd examples/daemonset-eviction
$ kubectl val -d cluster-dump/ -f daemonset_create.yaml

Checking a Kubernetes configuration for correctness

Invoking kubectl val without -f will run a check of current configuration and (hopefully) find no issues, as the configuration is already running.

$ kubectl val -d cluster-dump/

Checking live cluster

Before checking the cluster you should first "dump" all of current resources into a "cluster dump" folder:

mkdir my-cluster-dump
cd my-cluster-dump
kubectl get nodes --all-namespaces -o=yaml > nodes.yaml
kubectl get pods --all-namespaces -o=yaml > pods.yaml
kubectl get services --all-namespaces -o=yaml > services.yaml
kubectl get priority --all-namespaces -o=yaml > priority.yaml
...

After you have the dump folder, you can continue with a check described above.

Architecture

To search for a failure scenario, kubectl-val builds a model representation of the current cluster state that it reads from the files created by kubectl get -o=yaml. The constructed model is sent to PDDL planner and the resulting solution is then interpreted as a failure scenario and sent back to console as YAML-encoded scenario steps.

Scenario output can later be used by the pipeline operator to aid with decision making - e.g. whether stop the deployment, log the event to the dashboard, etc.

kubectl-val also calculates the probability of the scenario by multiplying the probability associated with every step.

kubectl-val architecture

kubectl-val depends on a configured PDDL AI-planning poodlesolver running as http service. By default it uses a cloud solver hosted by CriticalHop. poodlesolver comes with poodle python library and installs automatically when kubectl-val is installed via pip install. To run a local solver, please refer to poodle documentation.

Build from source

git clone https://github.com/criticalhop/kubectl-val
cd kubectl-val
poetry install

Specifying solver location

By default kubectl-val uses a hosted solver. You can learn how to run you local solver by checking poodle repository.

Vision

The goal for the project is to create an intent-driven, self-healing Kubernetes configuration system that will abstract the cluster manager from error-prone manual tweaking.

Project Status

kubectl-val is a developer preview and currently supports a subset of resource/limits validation and partial label match validation.

We invite you to follow @criticalhop on Twitter and to chat with the team at #kubectl-val on freenode. If you have any questions or suggestions - feel free to open a github issue or contact andrew@criticalhop.com directly.

For enterprise enquiries, use the form on CriticalHop website: criticalhop.com/demo or write us an email at info@criticalhop.com

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for kubectl-val, version 0.1.3
Filename, size File type Python version Upload date Hashes
Filename, size kubectl_val-0.1.3-py3-none-any.whl (26.7 kB) File type Wheel Python version py3 Upload date Hashes View hashes
Filename, size kubectl-val-0.1.3.tar.gz (21.6 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page