Use SQL to query Kubernetes components.
Apart from querying the deployed resources, the plugin also supports scanning the Kubernetes manifest files from different sources, parsing the configured Helm charts and scanning all the templates to get the list of Kubernetes resources.
- Get started →
- Documentation: Table definitions & examples
- Community: Join #steampipe on Slack →
- Get involved: Issues
Download and install the latest Kubernetes plugin:
steampipe plugin install kubernetes
Installing the latest Kubernetes plugin will create a config file (~/.steampipe/config/kubernetes.spc
) with a single connection named kubernetes
:
connection "kubernetes" {
plugin = "kubernetes"
# By default, the plugin will use credentials in "~/.kube/config" with the current context.
# OpenID Connect (OIDC) authentication is supported without any extra configuration.
# The kubeconfig path and context can also be specified with the following config arguments:
# Specify the file path to the kubeconfig.
# Can also be set with the "KUBECONFIG" or "KUBE_CONFIG_PATH" environment variables. Plugin will prioritize KUBECONFIG if both are available.
# config_path = "~/.kube/config"
# Specify a context other than the current one.
# config_context = "minikube"
# List of custom resources that will be created as dynamic tables.
# No dynamic tables will be created if this arg is empty or not set.
# Wildcard based searches are supported.
# For example:
# - "*" matches all custom resources available
# - "*.storage.k8s.io" matches all custom resources in the storage.k8s.io group
# - "certificates.cert-manager.io" matches a specific custom resource "certificates.cert-manager.io"
# - "backendconfig" matches the singular name "backendconfig" in any group
# Defaults to all custom resources
custom_resource_tables = ["*"]
# If no kubeconfig file can be found, the plugin will attempt to use the service account Kubernetes gives to pods.
# This authentication method is intended for clients that expect to be running inside a pod running on Kubernetes.
# Specify the source(s) of the resource(s). Possible values: `deployed`, `helm` and `manifest`.
# Defaults to all possible values. Set the argument to override the default value.
# If `deployed` is contained in the value, tables will show all the deployed resources.
# If `helm` is contained in the value, tables will show resources from the configured helm charts.
# If `manifest` is contained in the value, tables will show all the resources from the kubernetes manifest. Make sure that the `manifest_file_paths` arg is set.
# source_types = ["deployed", "helm", "manifest"]
# Manifest File Configuration
# Manifest file paths is a list of locations to search for Kubernetes manifest files
# Manifest file paths can be configured with a local directory, a remote Git repository URL, or an S3 bucket URL
# Refer https://hub.steampipe.io/plugins/turbot/kubernetes#supported-path-formats for more information
# Wildcard based searches are supported, including recursive searches
# Local paths are resolved relative to the current working directory (CWD)
# For example:
# - "*.yml" or "*.yaml" or "*.json" matches all Kubernetes manifest files in the CWD
# - "**/*.yml" or "**/*.yaml" or "**/*.json" matches all Kubernetes manifest files in the CWD and all sub-directories
# - "../*.yml" or "../*.yaml" or "../*.json" matches all Kubernetes manifest files in the CWD's parent directory
# - "steampipe*.yml" or "steampipe*.yaml" or "steampipe*.json" matches all Kubernetes manifest files starting with "steampipe" in the CWD
# - "/path/to/dir/*.yml" or "/path/to/dir/*.yaml" or "/path/to/dir/*.json" matches all Kubernetes manifest files in a specific directory
# - "/path/to/dir/main.yml" or "/path/to/dir/main.yaml" or "/path/to/dir/main.json" matches a specific file
# If the given paths includes "*", all files (including non-kubernetes manifest files) in
# the CWD will be matched, which may cause errors if incompatible file types exist
# Defaults to CWD
# manifest_file_paths = [ "*.yml", "*.yaml", "*.json" ]
# Helm configuration
# A map for Helm charts along with the path to the chart directory and the paths of the value override files (if any).
# Every map should have chart_path defined, and the values_file_paths is optional.
# You can define multiple charts in the config.
# helm_rendered_charts = {
# "chart_name" = {
# chart_path = "/path/to/chart/dir"
# values_file_paths = ["/path/to/value/override/files.yaml"]
# }
# }
}
Run steampipe:
steampipe query
List all pods:
select
name,
namespace,
phase,
creation_timestamp,
pod_ip
from
kubernetes_pod;
+-----------------------------------------+-------------+-----------+---------------------+-----------+
| name | namespace | phase | creation_timestamp | pod_ip |
+-----------------------------------------+-------------+-----------+---------------------+-----------+
| metrics-server-86cbb8457f-bf8dm | kube-system | Running | 2021-06-11 14:21:48 | 10.42.0.5 |
| coredns-7448499f4d-klb8l | kube-system | Running | 2021-06-11 14:21:48 | 10.42.0.6 |
| helm-install-traefik-crd-hb87d | kube-system | Succeeded | 2021-06-11 14:21:48 | 10.42.0.3 |
| local-path-provisioner-5ff76fc89d-c9hnm | kube-system | Running | 2021-06-11 14:21:48 | 10.42.0.2 |
+-----------------------------------------+-------------+-----------+---------------------+-----------+
This plugin is available for the following engines:
Engine | Description |
---|---|
Steampipe | The Steampipe CLI exposes APIs and services as a high-performance relational database, giving you the ability to write SQL-based queries to explore dynamic data. Mods extend Steampipe's capabilities with dashboards, reports, and controls built with simple HCL. The Steampipe CLI is a turnkey solution that includes its own Postgres database, plugin management, and mod support. |
Postgres FDW | Steampipe Postgres FDWs are native Postgres Foreign Data Wrappers that translate APIs to foreign tables. Unlike Steampipe CLI, which ships with its own Postgres server instance, the Steampipe Postgres FDWs can be installed in any supported Postgres database version. |
SQLite Extension | Steampipe SQLite Extensions provide SQLite virtual tables that translate your queries into API calls, transparently fetching information from your API or service as you request it. |
Export | Steampipe Plugin Exporters provide a flexible mechanism for exporting information from cloud services and APIs. Each exporter is a stand-alone binary that allows you to extract data using Steampipe plugins without a database. |
Turbot Pipes | Turbot Pipes is the only intelligence, automation & security platform built specifically for DevOps. Pipes provide hosted Steampipe database instances, shared dashboards, snapshots, and more. |
Prerequisites:
Clone:
git clone https://github.com/turbot/steampipe-plugin-kubernetes.git
cd steampipe-plugin-kubernetes
Build, which automatically installs the new version to your ~/.steampipe/plugins
directory:
make
Configure the plugin:
cp config/* ~/.steampipe/config
vi ~/.steampipe/config/kubernetes.spc
Try it!
steampipe query
> .inspect kubernetes
Further reading:
This repository is published under the Apache 2.0 (source code) and CC BY-NC-ND (docs) licenses. Please see our code of conduct. We look forward to collaborating with you!
Steampipe is a product produced from this open source software, exclusively by Turbot HQ, Inc. It is distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our Open Source FAQ.
Want to help but don't know where to start? Pick up one of the help wanted
issues: