Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add basic endpoint validation #17

Open
eytan-avisror opened this issue Feb 24, 2022 · 1 comment
Open

Add basic endpoint validation #17

eytan-avisror opened this issue Feb 24, 2022 · 1 comment

Comments

@eytan-avisror
Copy link
Collaborator

eytan-avisror commented Feb 24, 2022
edited
Loading

Since componentstatuses is getting deprecated, In order to validate etcd and other control plane components we need to support endpoint validation e.g.

kubectl get --raw='/readyz?verbose'
[+]ping ok
[+]log ok
[+]etcd ok
[+]informer-sync ok
[+]poststarthook/start-kube-apiserver-admission-initializer ok
[+]poststarthook/generic-apiserver-start-informers ok
[+]poststarthook/priority-and-fairness-config-consumer ok
[+]poststarthook/priority-and-fairness-filter ok
[+]poststarthook/start-apiextensions-informers ok
[+]poststarthook/start-apiextensions-controllers ok
[+]poststarthook/crd-informer-synced ok
[+]poststarthook/bootstrap-controller ok
[+]poststarthook/rbac/bootstrap-roles ok
[+]poststarthook/scheduling/bootstrap-system-priority-classes ok
[+]poststarthook/priority-and-fairness-config-producer ok
[+]poststarthook/start-cluster-authentication-info-controller ok
[+]poststarthook/aggregator-reload-proxy-client-cert ok
[+]poststarthook/start-kube-aggregator-informers ok
[+]poststarthook/apiservice-registration-controller ok
[+]poststarthook/apiservice-status-available-controller ok
[+]poststarthook/kube-apiserver-autoregistration ok
[+]autoregister-completion ok
[+]poststarthook/apiservice-openapi-controller ok
[+]shutdown ok
readyz check passed

API can be something like:

apiVersion: v1alpha1
kind: ClusterValidator
metadata:
  name: validation
spec:
  configuration:
    <..configuration..>
  resources:
    <..cluster resources..>
  endpoints:
      # Support querying an endpoint from inside the cluster? similar to kubectl get --raw
    - cluster: "/readyz?include=etcd&verbose" # would be great if this can be supported
      # We should also add a generic option for any endpoint, but could also allow hitting the API externally
      url: "https://my-eks-api.elb.us-west-2.amazonaws.com/readyz?include=etcd&verbose"
      # acceptable HTTP codes
      codes: 
      - 200
      required: true

We can support additional options for client such as headers, etc later on
@eytan-avisror eytan-avisror changed the title Add endpoint validation Add basic endpoint validation Feb 24, 2022
@eytan-avisror
Copy link
Collaborator Author

eytan-avisror commented Mar 1, 2022
edited
Loading

We would have to differentiate cluster and http endpoint

apiVersion: v1alpha1
kind: ClusterValidator
metadata:
  name: validation
spec:
  configuration:
    <..configuration..>
  resources:
    <..cluster resources..>
  endpoints:
    cluster:
    - name: ETCD Validation
      uri: "/readyz?include=etcd&verbose"
      # indicate should succeed if required
      required: true
    http:
    - name: ETCD Validation
      url: "https://my-eks-api.elb.us-west-2.amazonaws.com/readyz?include=etcd&verbose"
      # acceptable HTTP codes
      codes: 
      - 200
      required: true

@eytan-avisror eytan-avisror mentioned this issue Mar 7, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eytan-avisror