From 5c9b844250020f3f01c3eec546e3ef6c593088fc Mon Sep 17 00:00:00 2001
From: Etienne Champetier <e.champetier@ateme.com>
Date: Tue, 10 Dec 2024 21:46:54 -0500
Subject: [PATCH 1/2] [kubernetes] collect some kubelet files

Having the config can be really helpful,
same for the cpu/memory manager state.

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
---
 sos/report/plugins/kubernetes.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/sos/report/plugins/kubernetes.py b/sos/report/plugins/kubernetes.py
index 30afa1bd0..106b6c2f8 100644
--- a/sos/report/plugins/kubernetes.py
+++ b/sos/report/plugins/kubernetes.py
@@ -46,6 +46,12 @@ class Kubernetes(Plugin):
     config_files = [
         "/etc/kubernetes",
         "/run/flannel",
+        "/var/lib/kubelet/config.yaml",
+        "/var/lib/kubelet/kubeadm-flags.env",
+        "/var/lib/kubelet/*_manager_state",
+    ]
+    forbidden_paths = [
+        "/etc/kubernetes/pki",
     ]
     resources = [
         'events',
@@ -105,7 +111,7 @@ def check_is_master(self):
     def setup(self):
         self.add_copy_spec(self.config_files)
 
-        self.add_forbidden_path("/etc/kubernetes/pki")
+        self.add_forbidden_path(self.forbidden_paths)
 
         self.add_env_var([
             'KUBECONFIG',

From 2a358b3da2c76bd0714ce7f74efca5dd9400d37d Mon Sep 17 00:00:00 2001
From: Etienne Champetier <e.champetier@ateme.com>
Date: Tue, 10 Dec 2024 22:30:22 -0500
Subject: [PATCH 2/2] [kubernetes] add kubelogs option

If your cluster is completely broken you can't gather
logs using kubectl / the API, so add an option to easily
copy logs from the most critical pods.

Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
---
 sos/report/plugins/kubernetes.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/sos/report/plugins/kubernetes.py b/sos/report/plugins/kubernetes.py
index 106b6c2f8..132ee8f9e 100644
--- a/sos/report/plugins/kubernetes.py
+++ b/sos/report/plugins/kubernetes.py
@@ -53,6 +53,12 @@ class Kubernetes(Plugin):
     forbidden_paths = [
         "/etc/kubernetes/pki",
     ]
+    kube_system_logs = [
+        "/var/log/pods/kube-system_etcd-*",
+        "/var/log/pods/kube-system_kube-apiserver-*",
+        "/var/log/pods/kube-system_kube-controller-manager-*",
+        "/var/log/pods/kube-system_kube-scheduler-*",
+    ]
     resources = [
         'events',
         'deployments',
@@ -88,8 +94,10 @@ class Kubernetes(Plugin):
                   desc='collect all namespace output separately'),
         PluginOpt('describe', default=False,
                   desc='collect describe output of all resources'),
+        PluginOpt('kubelogs', default=False,
+                  desc='copy some kube-system pod logs without using the API'),
         PluginOpt('podlogs', default=False,
-                  desc='capture stdout/stderr logs from pods'),
+                  desc='capture stdout/stderr logs from pods using the API'),
         PluginOpt('podlogs-filter', default='', val_type=str,
                   desc='only collect logs from pods matching this pattern')
     ]
@@ -113,6 +121,9 @@ def setup(self):
 
         self.add_forbidden_path(self.forbidden_paths)
 
+        if self.get_option('kubelogs'):
+            self.add_copy_spec(self.kube_system_logs)
+
         self.add_env_var([
             'KUBECONFIG',
             'KUBERNETES_HTTP_PROXY',