Code Monkey home page Code Monkey logo

kube-dingtalk's Introduction

kube-dingtalk

kube-dingtalk is a monitoring service for Kubernetes. When a pod has failed, it will publish a message in DingDing channel.

Installation

  1. Create the dingding robot webhook.
  2. Use the dockerfile build container image in your project.
  3. (optional) If your kubernetes uses RBAC, you should apply the following manifest as well:
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: kube-dingtalk
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "watch", "list"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-dingtalk
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kube-dingtalk
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kube-dingtalk
subjects:
  - kind: ServiceAccount
    name: kube-dingtalk
    namespace: kube-system

Load this Deployment into your Kubernetes. Make sure you set DINGTALK_TOKEN to the Webhook URL and uncomment serviceAccountName if you use RBAC

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kube-dingtalk
  namespace: kube-system
spec:
  replicas: 1
  revisionHistoryLimit: 3
  template:
    metadata:
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ""
      name: kube-dingtalk
      labels:
        app: kube-dingtalk
    spec:
     # Uncomment serviceAccountName if you use RBAC.
      serviceAccountName: kube-dingtalk
      containers:
      - name: kube-dingtalk
        image: kube-dingtalk:v1  # Use the dockerfile build image in your project 
        env:
        - name: DINGTALK_TOKEN
          value: xxxxxxxxxxxxx
        #- name: TICK_RATE
        #  value: "60000"
        - name: FLOOD_EXPIRE
          value: "120000"
        - name: NOT_READY_MIN_TIME
          value: "120000"
        #- name: KUBE_NAMESPACES_ONLY
        #  value: kube-system
        resources:
          requests:
            memory: 30M
            cpu: 5m
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
      - key: CriticalAddonsOnly
        operator: Exists
  1. To test, try creating a failing pod. The bot should announce in the channel after 15s with the status ErrImagePull. Example of failing image:
apiVersion: v1
kind: Pod
metadata:
  name: kube-slack-test
spec:
  containers:
  - image: willwill/inexisting
    name: kube-slack-test

Additionally, the following environment variables can be used:

  • TICK_RATE: How often to update in milliseconds. (Default to 15000 or 15s)
  • FLOOD_EXPIRE: Repeat notification after this many milliseconds has passed after status returned to normal. (Default to 60000 or 60s)
  • NOT_READY_MIN_TIME: Time to wait after pod become not ready before notifying. (Default to 60000 or 60s)
  • KUBE_USE_KUBECONFIG: Read Kubernetes credentials from active context in ~/.kube/config (default off)
  • KUBE_USE_CLUSTER: Read Kubernetes credentials from pod (default on)
  • KUBE_NAMESPACES_ONLY: Monitor a list of specific namespaces, specified either as json array or as a string of comma seperated values (foo_namespace,bar_namespace).

kube-dingtalk's People

Contributors

gotoworld avatar yangpeng14 avatar

Stargazers

avatar avatar avatar

Watchers

avatar

Forkers

gotoworld lucas-gu

kube-dingtalk's Issues

overwrite etc/ssl/openssl.cnf error, when use alpine v3.7

fetch http://mirrors.aliyun.com/alpine/v3.7/main/x86_64/APKINDEX.tar.gz
v3.7.3-170-g2e95874e52 [http://mirrors.aliyun.com/alpine/v3.7/main/]
OK: 5720 distinct packages available
(1/33) Downgrading musl (1.1.20-r4 -> 1.1.18-r4)
(2/33) Installing libressl2.6-libcrypto (2.6.5-r0)
ERROR: libressl2.6-libcrypto-2.6.5-r0: trying to overwrite etc/ssl/cert.pem owned by ca-certificates-cacert-20190108-r0.
ERROR: libressl2.6-libcrypto-2.6.5-r0: trying to overwrite etc/ssl/openssl.cnf owned by libcrypto1.1-1.1.1b-r1.
(3/33) Installing ca-certificates (20190108-r0)
(4/33) Downgrading libstdc++ (8.3.0-r0 -> 6.4.0-r5)
(5/33) Installing binutils-libs (2.30-r2)
(6/33) Installing binutils (2.30-r2)

npm ERR! Error: EACCES: permission denied, access '/app'

`
Step 8/10 : RUN npm config set registry https://registry.npm.taobao.org && npm install --production
---> Running in aa8a7d9d1786
npm WARN checkPermissions Missing write access to /app
npm WARN [email protected] No description
npm WARN [email protected] No repository field.
npm WARN [email protected] No license field.

npm ERR! code EACCES
npm ERR! syscall access
npm ERR! path /app
npm ERR! errno -13
npm ERR! Error: EACCES: permission denied, access '/app'
npm ERR! { [Error: EACCES: permission denied, access '/app']
npm ERR! stack: 'Error: EACCES: permission denied, access '/app'',
npm ERR! errno: -13,
npm ERR! code: 'EACCES',
npm ERR! syscall: 'access',
npm ERR! path: '/app' }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator.

npm ERR! A complete log of this run can be found in:
npm ERR! /home/kube-dingtalk/.npm/_logs/2019-11-12T09_01_09_427Z-debug.log
The command '/bin/sh -c npm config set registry https://registry.npm.taobao.org && npm install --production' returned a non-zero code: 243
`

chown $user:$user /app

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.