a >h1@sddlmZddlZddlZddlZddlmZmZmZm Z m Z dZ dZ dZ GdddeZGd d d eeZGd d d ee eZdS) ) translateN)Plugin RedHatPlugin DebianPlugin UbuntuPlugin PluginOpt)kubelet kubernetes)rzkube-apiserverz kube-proxyzkube-schedulerzkube-controller-manager)z/etc/kubernetes/admin.confc @seZdZdZdZdZdZgdZdgZgdZ gdZ gd Z e d d d d e dd dd e dd dd e dd dd e dde ddgZdZddZddZddZdd Zd!d"Zd#d$Zd%d&Zd'S)( Kubernetesz+Kubernetes container orchestration platformr ) containeri)z/etc/kubernetesz /run/flannelz/var/lib/kubelet/config.yamlz"/var/lib/kubelet/kubeadm-flags.envz /var/lib/kubelet/*_manager_statez/etc/kubernetes/pki)z /var/log/pods/kube-system_etcd-*z*/var/log/pods/kube-system_kube-apiserver-*z3/var/log/pods/kube-system_kube-controller-manager-*z*/var/log/pods/kube-system_kube-scheduler-*)eventsZ deploymentsZ ingressespodsZpvcservicesZ daemonsetsZ replicasetsZ endpointsZ statefulsetsZ configmapsZserviceaccountsZsecretsZjobsZcronjobsZ clusterrolesZclusterrolebindingsZ limitrangesZresourcequotas)ZscZpvZrolesZ rolebindingsallFz'collect all namespace output separately)defaultdescdescribez(collect describe output of all resourceskubelogsz4copy some kube-system pod logs without using the APIpodlogsz2capture stdout/stderr logs from pods using the APIpodlogs-filterz1only collect logs from pods matching this pattern)rZval_typerZkubectlcCsBtjdrdS|jD]&}||r|jd|7_q>qdS)N KUBECONFIGz --kubeconfig=)osenvirongetfiles path_existskube_cmd)selfZ_kconfrA/usr/lib/python3.9/site-packages/sos/report/plugins/kubernetes.pyset_kubeconfigks    zKubernetes.set_kubeconfigcstfddjDS)z" Check if this is the master node c3s|]}|VqdSN)r).0frrr uz-Kubernetes.check_is_master..)anyrr%rr%r check_is_mastersszKubernetes.check_is_mastercsjjdr.jgdsHdSdD]}jj d|ddqLdrjfdd j Dddnjfd d j Dddj j d dd}|d d kr0dr0|d ddD]6}| }|s q|d }jj d|ddqjj dgddjj ddddrjddgddS)Nr)rZKUBERNETES_HTTP_PROXYZKUBERNETES_HTTPS_PROXYZKUBERNETES_NO_PROXY)versionz config view cluster-infoZsubdirrcsg|]}jd|qS) get -o json rr#resr%rr sz$Kubernetes.setup..csg|]}jd|qS) get r/r0r%rr r2sz get nodesstatusrroutputz describe node z get -o json nodesz get --raw /metricszkubevirt-virtctlZvmsZvmiszvirtctl version) add_copy_spec config_filesZadd_forbidden_pathforbidden_paths get_optionkube_system_logsZ add_env_varr)add_cmd_outputrglobal_resourcescollect_cmd_output splitlinessplit is_installed resourcesextendcollect_per_resource_detailscollect_all_resources)rsubcmdZnodeslinewordsZnoderr%r setupwsd         zKubernetes.setupc Cs`|j|jddd}|ddd}dd|D}|D]}d |}|d r|jd |}|jD]"}|j|d |d |dql|drF|jd |}|jD]}|dkrq||d|}|ddkrdd|dddD} | D]@} |jd |}|j|d|d | d |d|dqq|dr<||q.z --namespace=rr.r+ cluster-info/rr r3r4rcSsg|]}|dqSrJ)r@)r#krrr r2r'z describe /r)r>rr?r:rBr<exec_cmd _get_pod_logs) rZknsZ kn_outputZknspsZnspaceZknspk_cmdr1retZk_listitemrrr rDs@          z'Kubernetes.collect_per_resource_detailsc CsV|jd|}||d}|ddkrRt|d}|drTt|dnd}|dD]}|r~t||dd s~q`d |dd d |dd }d |dvr|dd D]>}|dd } |d } |j|jd|d| d| |dqd|dvr`|ddD]@}|dd } |d } |j|jd|d| d| |dqq`dS)Nr.z podsr4rr5ritemsmetadatanamerM namespacez /podlogs/Z containersspecr+z logs z -c r-ZinitContainers) rrPjsonloadsr:rrematchr<) rrXrRrSr ZregZpodZ_subdirZcontZpod_nameZ cont_namerrr rQsP       zKubernetes._get_pod_logscCs>|ds:|jd}|jD]}|j|d|ddqdS)z% Collect details about all resources rz get --all-namespaces=truer+r,r-N)r:rrBr<)rrRr1rrr rEs    z Kubernetes.collect_all_resourcescCsvd}||j|d||jdd|jd}||d}d}ddt|j|jd}||||dS)NzX(?P{\s*"name":\s*[^,]*(pass|pwd|key|token|cred|PASS|PWD|KEY)[^,]*,\s*"value":)[^}]*z\g "********"z^(|)zLS0tLS1CRUdJ[A-Za-z0-9+/=]+z***** SCRUBBED BASE64 PEM *****) Zdo_cmd_output_subrZdo_cmd_private_subjoinr8do_file_private_sublistrZdo_path_regex_sub)rZ env_regexpZpathexpZregexpsubstrrr postprocs   zKubernetes.postprocN)__name__ __module__ __qualname__Z short_descZ plugin_nameZprofilesZplugin_timeoutr8r9r;rBr=rstrZ option_listrr!r)rIrDrQrErdrrrr r &sD E(! r cs4eZdZeZeZeZfddZ fddZ Z S)RedHatKubernetescs|drdStS)Nzopenshift-hyperkubeF)rAsuper check_enabledr% __class__rr rk/s zRedHatKubernetes.check_enabledcs|tdSr")r!rjrIr%rlrr rI5szRedHatKubernetes.setup) rerfrg KUBE_PACKAGESpackages KUBECONFIGSr KUBE_SVCSrrkrI __classcell__rrrlr ri's  ricsHeZdZedZedZedZfddZ ddZ fdd Z Z S) UbuntuKubernetes)k8s)z#/root/cdk/cdk_addons_kubectl_configz4/var/snap/microk8s/current/credentials/client.config)zsnap.kubelet.daemonzsnap.kube-apiserver.daemonzsnap.kube-proxy.daemonzsnap.kube-scheduler.daemonz#snap.kube-controller-manager.daemonzcdk.master.auth-webhookcsP||drd|_n|dr2d|_||jddgtdS)NZmicrok8szmicrok8s kubectlrtz k8s kubectlz/root/cdk/kubelet/config.yamlz!/root/cdk/audit/audit-policy.yaml)r!rAr_canonical_kubernetesr8rCrjrIr%rlrr rIOs  zUbuntuKubernetes.setupc sz|jdddd}ddg}||d|d|d |d |d |d |d g|fdd|DdS)Nz snap.k8s.*)Zunitsrtz/var/snap/k8s/commonr4rz/argsz/var/lib/k8s-dqlite/info.yamlz /var/lib/k8s-dqlite/cluster.yamlz'/var/lib/k8sd/state/truststore/k8s.yamlz&/var/lib/k8sd/state/database/info.yamlz)/var/lib/k8sd/state/database/cluster.yamlz/var/lib/k8sd/state/daemon.yamlcsg|]}d|qS)r+r)r#rFZk8s_cmdrr r2ssz:UbuntuKubernetes._canonical_kubernetes..)Z add_journalr7r<)rZ k8s_commonZ k8s_subcmdsrrvr ru^s$  z&UbuntuKubernetes._canonical_kubernetescst|ddS)Nz;/var/snap/k8s/common/var/lib/k8sd/state/truststore/k8s.yaml)rjrdrar%rlrr rdws zUbuntuKubernetes.postproc) rerfrgrnrorprrqrrIrurdrrrrrlr rs:s  rs)fnmatchrr\rZrZsos.report.pluginsrrrrrrnrqrpr rirsrrrr  s