mrueg
Repos
170
Followers
101
Following
131

Add-on agent to generate and expose cluster-level metrics.

4144
1510

Kube-router, a turnkey solution for Kubernetes networking.

1974
406

Production-Grade Container Scheduling and Management

94049
32966

Prometheus community Helm charts

3297
3653

[MIRROR] Official Gentoo ebuild repository

1740
1659

Prometheus Exporter for Netcup Server Control Panel (SCP)

2
1

Events

Created at 8 hours ago
Support verticalpodautoscaler v1

What would you like to be added: Support verticalpodautoscalers/v1

Why is this needed: Since vertical pod autoscalers CRD has been updated from v1beta2 to v1, kube-state-metrics should support new version of API. (release note)

Describe the solution you'd like Generate client codes from version v1 and modify the dependencies. The legacy client dependency is v1beta2, below is one of them I found. https://github.com/kubernetes/kube-state-metrics/blob/41eea36f69efd9824836089aae67d308111f4e01/internal/store/builder.go#L38

Additional context

Created at 1 day ago
Support verticalpodautoscaler v1

We decided to deprecate built-in VPA support in v2.7.0, please consider using Custom Resource State configurations instead. See https://github.com/kubernetes/kube-state-metrics/issues/1790 https://github.com/kubernetes/kube-state-metrics/pull/1835

Created at 1 day ago
Replace CLI toolkit

Currently we're using pflag to parse arguments. This comes with a certain simplicity, a more sophisticated toolkit like viper/cobra or others would allow users to use other methods to configure KSM as well. In particular an idea, that came up for the CustomResource Collector is to use EnvironmentVariables or a Configuration File based approach.

Created at 1 day ago
Replace CLI toolkit

I think this issue is resolved. Thanks for your work @rexagod

Created at 1 day ago
getting an imagepullbackoff error

As I am applying the the files in kube-state-metrics/examples/standard, i am getting a 'imagepullbackoff' error for the kube-state-metrics pod. Is anyone else encountering this issue?

Created at 1 day ago
getting an imagepullbackoff error

no response, feel free to reopen if this is still an issue.

Created at 1 day ago
"LabelFromKey" not avaliable

v2.7.0 has been released, feel free to reopen if this is not resolved.

Created at 1 day ago
"LabelFromKey" not avaliable

labelFromKey does not work when I use the config below

kube-state-metrics --port=8880 --telemetry-port=8881 --kubeconfig=/config --custom-resource-state-config-file=/crsm.yaml

crsm.yaml

kind: CustomResourceStateMetrics
spec:
  resources:
    - groupVersionKind:
        group: bbb
        kind: "xxx"
        version: "v1alpha1"
      labelsFromPath:
        name: [metadata, name]
      metrics:
        - name: "np"
          help: "xxx"
          each:
            type: Gauge
            gauge:
              path: [status, nodeProgress]
              # does not work
              labelFromKey: type

CR looks like:

apiVersion: bbb/v1alpha1
kind: xxx
  ...
  ...
  ...
status:
  np:
    key1: 100
    key2: 100

I got :

kube_bbb_v1alpha1_xxx_np{name="aaa"} 100
kube_bbb_v1alpha1_xxx_np{name="aaa"} 100

instead of

kube_bbb_v1alpha1_xxx_np{name="aaa",type="key1"} 100
kube_bbb_v1alpha1_xxx_np{name="aaa",type="key2"} 100

After checking the source code and changing

https://github.com/kubernetes/kube-state-metrics/blob/a3a509acdff1f525c3ca2ff76344d0cedafd8a60/pkg/customresourcestate/registry_factory.go#L156-L160

to

 return &compiledGauge{ 
 	compiledCommon: *cc, 
 	ValueFrom:      valueFromPath, 
 	NilIsZero:      m.Gauge.NilIsZero, 
	LabelFromKey:   m.Gauge.LabelFromKey,
 }, nil 

I get the result I want.

I wonder whether this is intentional or there are other solutions that do not need to modify the source code.

Created at 1 day ago
Image scanning has detected CVE-2022-1996

What happened: Image scanning has detected critical vulnerability CVE-2022-1996

What you expected to happen: 0 critical vulnerabilities

How to reproduce it (as minimally and precisely as possible):

trivy image --ignore-unfixed --exit-code 1 --severity CRITICAL registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.5.0
2022-09-26T13:50:21.014+0200	INFO	Vulnerability scanning is enabled
2022-09-26T13:50:21.014+0200	INFO	Secret scanning is enabled
2022-09-26T13:50:21.014+0200	INFO	If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-09-26T13:50:21.014+0200	INFO	Please see also https://aquasecurity.github.io/trivy/v0.32/docs/secret/scanning/#recommendation for faster secret detection
2022-09-26T13:50:22.647+0200	INFO	Detected OS: debian
2022-09-26T13:50:22.648+0200	INFO	Detecting Debian vulnerabilities...
2022-09-26T13:50:22.648+0200	INFO	Number of language-specific files: 1
2022-09-26T13:50:22.648+0200	INFO	Detecting gobinary vulnerabilities...

registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.5.0 (debian 11.3)

Total: 0 (CRITICAL: 0)


kube-state-metrics (gobinary)

Total: 1 (CRITICAL: 1)

┌────────────────────────────────┬───────────────┬──────────┬─────────────────────┬───────────────┬──────────────────────────────────────────────────────────────┐
│            Library             │ Vulnerability │ Severity │  Installed Version  │ Fixed Version │                            Title                             │
├────────────────────────────────┼───────────────┼──────────┼─────────────────────┼───────────────┼──────────────────────────────────────────────────────────────┤
│ github.com/emicklei/go-restful │ CVE-2022-1996 │ CRITICAL │ v2.9.5+incompatible │ 2.16.0        │ go-restful: Authorization Bypass Through User-Controlled Key │
│                                │               │          │                     │               │ https://avd.aquasec.com/nvd/cve-2022-1996                    │
└────────────────────────────────┴───────────────┴──────────┴─────────────────────┴───────────────┴──────────────────────────────────────────────────────────────┘

Environment:

  • kube-state-metrics version: v2.5.0
Created at 1 day ago
Image scanning has detected CVE-2022-1996

v2.7.0 has been released, feel free to reopen if this is not resolved.

Created at 1 day ago
Cut branch 2.6.1

v2.7.0 has been released

Created at 1 day ago
Cut branch 2.6.1

What would you like to be added: No

Why is this needed: 1. We released 2.6.0 on Aug. It's a good time release another version. 2. https://github.com/kubernetes/kube-state-metrics/pull/1873 needs a valid image tag.

Describe the solution you'd like

Additional context

Do we have other PRs will need to be in next branch cut?

Created at 1 day ago
"invalid memory address or nil pointer dereference" (runtime error: invalid memory address or nil pointer dereference)

What happened: On a large cluster with ~324 namespaces and 1200 pods kube-state-metrics fails with error

W1117 10:25:35.099190       1 reflector.go:324] pkg/mod/k8s.io/client-go@v0.24.1/tools/cache/reflector.go:167: failed to list *v1.CronJob: the server could not find the requested resource
E1117 10:25:35.099241       1 reflector.go:138] pkg/mod/k8s.io/client-go@v0.24.1/tools/cache/reflector.go:167: Failed to watch *v1.CronJob: failed to list *v1.CronJob: the server could not find the requested resource
W1117 10:25:35.119523       1 reflector.go:324] pkg/mod/k8s.io/client-go@v0.24.1/tools/cache/reflector.go:167: failed to list *v1.PodDisruptionBudget: the server could not find the requested resource
E1117 10:25:35.119811       1 reflector.go:138] pkg/mod/k8s.io/client-go@v0.24.1/tools/cache/reflector.go:167: Failed to watch *v1.PodDisruptionBudget: failed to list *v1.PodDisruptionBudget: the server could not find the requested resource
E1117 10:25:35.127307       1 runtime.go:79] Observed a panic: "invalid memory address or nil pointer dereference" (runtime error: invalid memory address or nil pointer dereference)
goroutine 165 [running]:
k8s.io/apimachinery/pkg/util/runtime.logPanic({0x1679ba0?, 0x2624f10})
	/go/pkg/mod/k8s.io/apimachinery@v0.24.1/pkg/util/runtime/runtime.go:75 +0x99
k8s.io/apimachinery/pkg/util/runtime.HandleCrash({0x0, 0x0, 0x2540be400?})
	/go/pkg/mod/k8s.io/apimachinery@v0.24.1/pkg/util/runtime/runtime.go:49 +0x75
panic({0x1679ba0, 0x2624f10})
	/usr/local/go/src/runtime/panic.go:838 +0x207

What you expected to happen: service is running with no issues

How to reproduce it (as minimally and precisely as possible): run kube-state-metric on a large k8s cluster Anything else we need to know?:

Environment:

  • kube-state-metrics version: 2.5.0 and 2.6.0
  • Kubernetes version (use kubectl version): 1.20.7
  • Cloud provider or hardware configuration: baremetal
Created at 1 day ago
"invalid memory address or nil pointer dereference" (runtime error: invalid memory address or nil pointer dereference)

v2.7.0 has been released, please test again and feel free to reopen if this is not resolved.

Created at 1 day ago
Created at 1 day ago
started
Created at 1 day ago

Add Metrics for EndpointSlices

Implements https://pkg.go.dev/k8s.io/api/discovery/v1#EndpointSlice

This resourcetype is disabled by default as they are very verbose and have a high cardinality. Metrics from endpointslices can be used to identify if specific pods are part of an endpoint and thus discoverable through a service.

Signed-off-by: Manuel Rüger manuel@rueg.eu

Created at 2 days ago

Add Metrics for EndpointSlices

Implements https://pkg.go.dev/k8s.io/api/discovery/v1#EndpointSlice

This resourcetype is disabled by default as they are very verbose and have a high cardinality. Metrics from endpointslices can be used to identify if specific pods are part of an endpoint and thus discoverable through a service.

Signed-off-by: Manuel Rüger manuel@rueg.eu

Created at 2 days ago

Add Metrics for EndpointSlices

Implements https://pkg.go.dev/k8s.io/api/discovery/v1#EndpointSlice

This resourcetype is disabled by default as they are very verbose and have a high cardinality. Metrics from endpointslices can be used to identify if specific pods are part of an endpoint and thus discoverable through a service.

Signed-off-by: Manuel Rüger manuel@rueg.eu

Created at 2 days ago

Add Metrics for EndpointSlices

Implements https://pkg.go.dev/k8s.io/api/discovery/v1#EndpointSlice

This resourcetype is disabled by default as they are very verbose and have a high cardinality. Metrics from endpointslices can be used to identify if specific pods are part of an endpoint and thus discoverable through a service.

Signed-off-by: Manuel Rüger manuel@rueg.eu

Created at 2 days ago
pull request opened
Add Metrics for EndpointSlices

What this PR does / why we need it: Implements https://pkg.go.dev/k8s.io/api/discovery/v1#EndpointSlice Metrics from endpointslices can be used to identify if specific pods are part of an endpoint and thus discoverable through a service.

kube_endpointslice_info{endpointslice="my-app-75zcw",addresstype="IPv4"} 1
kube_endpointslice_created{endpointslice="my-app-75zcw"} 1.605287362e+09
kube_endpointslice_endpoints{endpointslice="my-app-75zcw",ready="true",serving="true",terminating="false",targetref_kind="Pod",targetref_name="my-app-73967648-75dgx",targetref_namespace="my-namespace",endpoint_nodename="my-node",endpoint_zone="west",address="192.168.1.1"} 1
kube_endpointslice_ports{endpointslice="my-app-75zcw",port_name="http",port_protocol="TCP",port_number="8080"} 1

How does this change affect the cardinality of KSM: (increases, decreases or does not change cardinality) This resource type is disabled by default as they are very verbose and have a high cardinality.

Created at 2 days ago
create branch
mrueg create branch add-endpointslices
Created at 2 days ago
pull request closed
endpoint: Rename createEndpointsListWatch() to createEndpointListWatch()

Small change for consistency.

All other ListWatch functions use the singular for the resource they watch in their function name.

Created at 3 days ago
endpoint: Rename createEndpointsListWatch() to createEndpointListWatch()

Ah nvm, this makes sense because the resource is v1.Endpoints{}

Created at 3 days ago
Merge Release 2.7 back to master branch

/unhold

Created at 3 days ago
pull request opened
endpoint: Rename createEndpointsListWatch() to createEndpointListWatch()

Small change for consistency.

All other ListWatch functions use the singular for the resource they watch in their function name.

Created at 3 days ago
create branch
mrueg create branch fix-endpointfuncnaming
Created at 3 days ago