U -_g1@sddlmZddlZddlZddlZddlmZmZmZm Z m Z dZ dZ dZ GdddeZGd d d eeZGd d d ee eZdS) ) translateN)Plugin RedHatPlugin DebianPlugin UbuntuPlugin PluginOpt)kubelet kubernetes)rzkube-apiserverz kube-proxyzkube-schedulerzkube-controller-manager)z/etc/kubernetes/admin.confc@seZdZdZdZdZdZddddd gZd gZd d d dgZ dddddddddddddddddd d!gZ d"d#d$d%gZ e d&d'd(d)e d*d'd+d)e d,d'd-d)e d.d'd/d)e d0d1e d2d3gZd4Zd5d6Zd7d8Zd9d:Zd;d<Zd=d>Zd?d@ZdAdBZdCS)D Kubernetesz+Kubernetes container orchestration platformr )Z containeriz/etc/kubernetesz /run/flannelz/var/lib/kubelet/config.yamlz"/var/lib/kubelet/kubeadm-flags.envz /var/lib/kubelet/*_manager_statez/etc/kubernetes/pkiz /var/log/pods/kube-system_etcd-*z*/var/log/pods/kube-system_kube-apiserver-*z3/var/log/pods/kube-system_kube-controller-manager-*z*/var/log/pods/kube-system_kube-scheduler-*eventsZ deploymentsZ ingressespodsZpvcservicesZ daemonsetsZ replicasetsZ endpointsZ statefulsetsZ configmapsZserviceaccountsZsecretsZjobsZcronjobsZ clusterrolesZclusterrolebindingsZ limitrangesZresourcequotasZscZpvZrolesZ rolebindingsallFz'collect all namespace output separately)defaultdescdescribez(collect describe output of all resourceskubelogsz4copy some kube-system pod logs without using the APIpodlogsz2capture stdout/stderr logs from pods using the APIpodlogs-filterz1only collect logs from pods matching this pattern)rZval_typerZkubectlcCsBtjdrdS|jD]&}||r|jd|7_q>qdS)N KUBECONFIGz --kubeconfig=)osenvirongetfiles path_existskube_cmd)selfZ_kconfr?/usr/lib/python3/dist-packages/sos/report/plugins/kubernetes.pyset_kubeconfigks    zKubernetes.set_kubeconfigcstfddjDS)z" Check if this is the master node c3s|]}|VqdSN)r).0frrr usz-Kubernetes.check_is_master..)anyrr$rr$rcheck_is_mastersszKubernetes.check_is_mastercsjjdr.jddddgsLdSdD]}jj d|dd qPd rjfd d j Ddd njfd d j Ddd j j ddd }|ddkr4dr4|d ddD]6}| }|sq|d}jj d|dd qjj dgdd jj ddd drjddgddS)NrrZKUBERNETES_HTTP_PROXYZKUBERNETES_HTTPS_PROXYZKUBERNETES_NO_PROXY)versionz config view cluster-infoZsubdirrcsg|]}jd|qS) get -o json rr"resr$rr sz$Kubernetes.setup..csg|]}jd|qS) get r-r.r$rrr0sz get nodesstatusrroutputz describe node z get -o json nodesz get --raw /metricszkubevirt-virtctlZvmsZvmiszvirtctl version) add_copy_spec config_filesZadd_forbidden_pathforbidden_paths get_optionkube_system_logsZ add_env_varr'add_cmd_outputrglobal_resourcescollect_cmd_output splitlinessplit is_installed resourcesextendcollect_per_resource_detailscollect_all_resources)rsubcmdZnodeslineZwordsZnoderr$rsetupwsn         zKubernetes.setupc Cs`|j|jddd}|ddd}dd|D}|D]}d |}|d r|jd |}|jD]"}|j|d |d |dql|drF|jd |}|jD]}|dkrq||d|}|ddkrdd|dddD} | D]@} |jd |}|j|d|d | d |d|dqq|dr<||q)r"nrrrr0s z;Kubernetes.collect_per_resource_details..z --namespace=rr,r) cluster-info/rr r1r2rcSsg|]}|dqSrG)r>)r"krrrr0sz describe /r)r<rr=r8r@r:exec_cmd _get_pod_logs) rZknsZ kn_outputZknspsZnspaceZknspk_cmdr/retZk_listitemrrrrBs@          z'Kubernetes.collect_per_resource_detailsc CsV|jd|}||d}|ddkrRt|d}|drTt|dnd}|dD]}|r~t||dd s~q`d |dd d |dd }d |dkr|dd D]>}|dd } |d } |j|jd|d| d| |dqd|dkr`|ddD]@}|dd } |d } |j|jd|d| d| |dqq`dS)Nr,z podsr2rr3ritemsZmetadatanamerJ namespacez /podlogs/Z containersspecr)z logs z -c r+ZinitContainers) rrMjsonloadsr8rrematchr:) rrTrOrPr ZregZpodZ_subdirZcontZpod_nameZ cont_namerrrrNs8      zKubernetes._get_pod_logscCs>|ds:|jd}|jD]}|j|d|ddqdS)z% Collect details about all resources rz get --all-namespaces=truer)r*r+N)r8rr@r:)rrOr/rrrrCs    z Kubernetes.collect_all_resourcescCsvd}||j|d||jdd|jd}||d}d}ddt|j|jd}||||dS)NzX(?P{\s*"name":\s*[^,]*(pass|pwd|key|token|cred|PASS|PWD|KEY)[^,]*,\s*"value":)[^}]*z\g "********"z^(|)zLS0tLS1CRUdJ[A-Za-z0-9+/=]+z***** SCRUBBED BASE64 PEM *****) Zdo_cmd_output_subrZdo_cmd_private_subjoinr6do_file_private_sublistrZdo_path_regex_sub)rZ env_regexpZpathexpZregexpZsubstrrrpostprocs   zKubernetes.postprocN)__name__ __module__ __qualname__Z short_descZ plugin_nameZprofilesZplugin_timeoutr6r7r9r@r;rstrZ option_listrr r'rFrBrNrCr_rrrrr &s E(! r cs4eZdZeZeZeZfddZ fddZ Z S)RedHatKubernetescs|drdStS)Nzopenshift-hyperkubeF)r?super check_enabledr$ __class__rrrf/s zRedHatKubernetes.check_enabledcs|tdSr!)r rerFr$rgrrrF5szRedHatKubernetes.setup) r`rarb KUBE_PACKAGESpackages KUBECONFIGSr KUBE_SVCSr rfrF __classcell__rrrgrrd's  rdcsHeZdZedZedZedZfddZ ddZ fdd Z Z S) UbuntuKubernetes)k8s)z#/root/cdk/cdk_addons_kubectl_configz4/var/snap/microk8s/current/credentials/client.config)zsnap.kubelet.daemonzsnap.kube-apiserver.daemonzsnap.kube-proxy.daemonzsnap.kube-scheduler.daemonz#snap.kube-controller-manager.daemonzcdk.master.auth-webhookcsP||drd|_n|dr2d|_||jddgtdS)NZmicrok8szmicrok8s kubectlroz k8s kubectlz/root/cdk/kubelet/config.yamlz!/root/cdk/audit/audit-policy.yaml)r r?r_canonical_kubernetesr6rArerFr$rgrrrFOs  zUbuntuKubernetes.setupc sz|jdddd}ddg}||d|d|d |d |d |d |d g|fdd|DdS)Nz snap.k8s.*)Zunitsroz/var/snap/k8s/commonr2rz/argsz/var/lib/k8s-dqlite/info.yamlz /var/lib/k8s-dqlite/cluster.yamlz'/var/lib/k8sd/state/truststore/k8s.yamlz&/var/lib/k8sd/state/database/info.yamlz)/var/lib/k8sd/state/database/cluster.yamlz/var/lib/k8sd/state/daemon.yamlcsg|]}d|qS)r)r)r"rDZk8s_cmdrrr0ssz:UbuntuKubernetes._canonical_kubernetes..)Z add_journalr5r:)rZ k8s_commonZ k8s_subcmdsrrqrrp^s$  z&UbuntuKubernetes._canonical_kubernetescst|ddS)Nz;/var/snap/k8s/common/var/lib/k8sd/state/truststore/k8s.yaml)rer_r]r$rgrrr_ws zUbuntuKubernetes.postproc) r`rarbrirjrkrrlr rFrpr_rmrrrgrrn:s  rn)ZfnmatchrrXrVrZsos.report.pluginsrrrrrrirlrkr rdrnrrrr s