Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Explore ownership between built-in and custom resources #36

Closed
danielpacak opened this issue Jul 16, 2020 · 5 comments
Closed

Explore ownership between built-in and custom resources #36

danielpacak opened this issue Jul 16, 2020 · 5 comments

Comments

@danielpacak
Copy link

danielpacak commented Jul 16, 2020
edited
Loading

I do have a custom cluster-scoped resource CISKubeBenchReport that I'm associating with a built-in Node object. However, when I run $ kubectl tree node <node name> I cannot see such relationship displayed.

My objects, stripped out of nonessential properties, look as follows:

apiVersion: v1
kind: Node
metadata:
  name: minikube
  resourceVersion: "1666012"
  selfLink: /api/v1/nodes/minikube
  uid: 5d411e05-920b-4e56-a1c3-44da5bd7f12b
apiVersion: aquasecurity.github.io/v1alpha1
kind: CISKubeBenchReport
metadata:
  name: minikube-1594903596
  ownerReferences:
  - apiVersion: v1
    controller: false
    kind: Node
    name: minikube
    uid: 5d411e05-920b-4e56-a1c3-44da5bd7f12b
  resourceVersion: "1666246"
  selfLink: /apis/aquasecurity.github.io/v1alpha1/ciskubebenchreports/minikube-1594903596
  uid: d0e9598b-9372-4915-a4af-8d1c92710817
$ kubectl tree node minikube
No resources are owned by this object through ownerReferences.

Is there anything that I'm missing in my onwerReferences config or is that kubectl-tree that cannot handle such config?
@ahmetb
Copy link
Owner

ahmetb commented Jul 16, 2020

It might be because it's cluster-scoped. Gotta check out the code, I don't think we'd have anything explicitly prevents this.

@ahmetb
Copy link
Owner

ahmetb commented Jul 16, 2020

Actually yeah in query.go we explicitly skip non-namespaced CRDs. I am trying to remember why but there must've been a reason.

@danielpacak
Copy link
Author

Thanks for checking @ahmetb I'd love to know what was the reason for skipping non-namespaced CRDs. IMO Having them displayed by tree would be very useful.

@ahmetb
Copy link
Owner

ahmetb commented Jul 16, 2020

See #18 and #22 for context.
Apparently we used to query ALL resources in the cluster.
But now we query only the current namespace. However you should be able to get everything using --all-namespaces.

@danielpacak
Copy link
Author

Indeed! It works with the -A flag. Awesome @ahmetb . Thank you for a prompt reply and this amazing plugin 💪

$ k tree node minikube -A
NAMESPACE        NAME                                      READY  REASON        AGE
                 Node/minikube                             True   KubeletReady  30d
                 ├─CISKubeBenchReport/minikube-1594737175  -                    2d4h
                 ├─CISKubeBenchReport/minikube-1594903596  -                    5h49m
                 ├─CSINode/minikube                        -                    30d
kube-node-lease  ├─Lease/minikube                          -                    30d
kube-system      ├─Pod/etcd-minikube                       True                 30d
kube-system      ├─Pod/kube-apiserver-minikube             True                 30d
kube-system      ├─Pod/kube-controller-manager-minikube    True                 30d
kube-system      └─Pod/kube-scheduler-minikube             True                 30d

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ahmetb @danielpacak