Deprecations AKA KubePug - Pre UpGrade (Checker)
KubePug/Deprecations is intended to be a kubectl plugin, which:
- Downloads a swagger.json from a specific Kubernetes version
- Parses this Json finding deprecation notices
- Verifies the current kubernetes cluster checking wether exists objects in this deprecated API Versions, allowing the user to check before migrating
- Helps Katz to be a better developer
How to use it as a krew plugin
Just run kubectl krew install deprecations
How to Use it as a standalone program
Download the correct version from Releases page.
After that, the command can be used just as kubectl, but with the following flags:
$ kubepug --help
[...]
Flags:
--cluster string The name of the kubeconfig cluster to use
--context string The name of the kubeconfig context to use
--description Wether to show the description of the deprecated object. The description may contain the solution for the deprecation. Defaults to true (default true)
--force-download Wether to force the download of a new swagger.json file even if one exists. Defaults to false
-h, --help help for kubectl
--k8s-version string Which kubernetes release version (https://github.com/kubernetes/kubernetes/releases) should be used to validate objects. Defaults to master (default "master")
--kubeconfig string Path to the kubeconfig file to use for CLI requests.
--swagger-dir string Where to keep swagger.json downloaded file. Defaults to current directory
$ kubepug --k8s-version=v1.17.0 # Will verify the current context against v1.17.0 swagger.json
[...]
ClusterRole found in rbac.authorization.k8s.io/v1beta1
├─ ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
-> GLOBAL: admin
-> GLOBAL: cluster-admin
-> GLOBAL: edit
NetworkPolicy found in extensions/v1beta1
├─ DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy. NetworkPolicy describes what network traffic is allowed for a set of Pods
-> Object: ingress-to-backend namespace: development
DaemonSet found in extensions/v1beta1
├─ DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for more information. DaemonSet represents the configuration of a daemon set.
-> Object: kindnet namespace: kube-system
-> Object: kube-proxy namespace: kube-system
Air-gapped environment
This happens when you have a secure environment that does not have an internet connectivity.
Steps to follow:
- Download swagger file in a machine that has internet connection
$ curl -o swagger-v1.17.0.json https://raw.githubusercontent.com/kubernetes/kubernetes/v1.17.0/api/openapi-spec/swagger.json
-
Securely move the json file to your Air-Gapped environment, to the folder of your choosing. This folder will be used by
kubepug
. -
Execute
kubepug
with the optionswagger-dir
, like this
$ kubepug --k8s-version=v1.17.0 --swagger-dir=/your/swagger/folder
This will verify the current context against the swagger file we downloaded and copied over manually
Screenshot
Todo
- Add some Unit Tests
References
As I've used this project to learn Go and also some Kubernetes client-go some parts of this plugin are based in Caio Begotti's Pod-Tree, Ahmet Balkan kubectl-tree and Bitnami Kubecfg
Logo based in Mão vetor criado por freepik - br.freepik.com