DataDog / KubeHound

Kubernetes Attack Graph
https://kubehound.io
Apache License 2.0

Can't start KubeHound 2.0.0 #182

Closed kovacs-levent closed 1 month ago

kovacs-levent commented 3 months ago

Describe the bug:

Can't start KubeHound by following the recommended steps from README.md.

To Reproduce:

Steps to reproduce the behavior:

  1. Clone the repo (requirements are installed)
  2. Run make kubehound
  3. I fixed mongodb healthcheck... also, it doesn't matter, since without fixing it, it doesn't work either
  4. Run bin/kubehound
  5. See error

Expected behavior:

KubeHound starts and runs a scan without any manual intervention needed.

Output:

No need for screenshots, so here's my output:

$ make kubehound
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
DOCKER_HOSTNAME=NB-PF3E0CZE docker compose -f deployments/kubehound/docker-compose.yaml -f deployments/kubehound/docker-compose.dev.yaml -f deployments/kubehound/docker-compose.ui.yaml --profile infra up --force-recreate --build -d
WARN[0000] /home/wisefrog/git/KubeHound/deployments/kubehound/docker-compose.yaml: `version` is obsolete
WARN[0000] /home/wisefrog/git/KubeHound/deployments/kubehound/docker-compose.dev.yaml: `version` is obsolete
WARN[0000] /home/wisefrog/git/KubeHound/deployments/kubehound/docker-compose.ui.yaml: `version` is obsolete
[+] Building 1.4s (31/31) FINISHED                                                                                                                                                                docker:default
 => [notebook internal] load build definition from Dockerfile                                                                                                                                               0.0s
 => => transferring dockerfile: 2.84kB                                                                                                                                                                      0.0s
 => [notebook internal] load metadata for docker.io/library/amazonlinux:2                                                                                                                                   1.0s
 => [kubegraph internal] load build definition from Dockerfile                                                                                                                                              0.0s
 => => transferring dockerfile: 3.20kB                                                                                                                                                                      0.0s
 => [kubegraph internal] load metadata for docker.io/janusgraph/janusgraph:1.0.0                                                                                                                            1.0s
 => [kubegraph internal] load metadata for docker.io/library/maven:3-openjdk-11-slim                                                                                                                        0.9s
 => [notebook internal] load .dockerignore                                                                                                                                                                  0.0s
 => => transferring context: 2B                                                                                                                                                                             0.0s
 => [notebook 1/8] FROM docker.io/library/amazonlinux:2@sha256:85825c659f9d0d51218492aab1f71a1d5adae074e95019b5518c071249a9ec95                                                                             0.0s
 => [notebook internal] load build context                                                                                                                                                                  0.0s
 => => transferring context: 175B                                                                                                                                                                           0.0s
 => CACHED [notebook 2/8] RUN mkdir -p "/root" &&     mkdir -p "/root/notebooks" &&     yum update -y &&     yum install tar gzip git amazon-linux-extras which -y &&     curl --silent --location https:/  0.0s
 => CACHED [notebook 3/8] ADD KubeHound.ipynb /root/notebooks/KubeHound.ipynb                                                                                                                               0.0s
 => CACHED [notebook 4/8] ADD RedTeam.ipynb /root/notebooks/RedTeam.ipynb                                                                                                                                   0.0s
 => CACHED [notebook 5/8] ADD BlueTeam.ipynb /root/notebooks/BlueTeam.ipynb                                                                                                                                 0.0s
 => CACHED [notebook 6/8] ADD SecurityPosture.ipynb /root/notebooks/SecurityPosture.ipynb                                                                                                                   0.0s
 => CACHED [notebook 7/8] ADD ./service.sh /usr/bin/service.sh                                                                                                                                              0.0s
 => CACHED [notebook 8/8] RUN chmod +x /usr/bin/service.sh                                                                                                                                                  0.0s
 => [notebook] exporting to image                                                                                                                                                                           0.0s
 => => exporting layers                                                                                                                                                                                     0.0s
 => => writing image sha256:ac062a6fd18e4c0caaf52ecf09d56cffe4fa62ba7a421eccd2e125ae90a1aa3d                                                                                                                0.0s
 => => naming to docker.io/library/kubehound-dev-notebook                                                                                                                                                   0.0s
 => [kubegraph internal] load .dockerignore                                                                                                                                                                 0.0s
 => => transferring context: 2B                                                                                                                                                                             0.0s
 => [kubegraph internal] load build context                                                                                                                                                                 0.0s
 => => transferring context: 1.55kB                                                                                                                                                                         0.0s
 => [kubegraph stage-1 1/8] FROM docker.io/janusgraph/janusgraph:1.0.0@sha256:164893be6d2bb20d07729413fbae7e844d26ddbb2ebdad4cd3bad9187f464faa                                                              0.0s
 => [kubegraph build 1/4] FROM docker.io/library/maven:3-openjdk-11-slim@sha256:2cb7c73ba2fd0f7ae64cfabd99180030ec85841a1197b4ae821d21836cb0aa3b                                                            0.0s
 => CACHED [kubegraph stage-1 2/8] COPY --chown=janusgraph:janusgraph kubehound-db-init.groovy /docker-entrypoint-initdb.d/                                                                                 0.0s
 => CACHED [kubegraph stage-1 3/8] COPY --chown=janusgraph:janusgraph lib/jmx_prometheus_javaagent-0.18.0.jar /opt/janusgraph/lib/jmx_prometheus_javaagent-0.18.0.jar                                       0.0s
 => CACHED [kubegraph stage-1 4/8] COPY --chown=janusgraph:janusgraph lib/exporter-config.yaml /opt/janusgraph/lib/exporter-config.yaml                                                                     0.0s
 => CACHED [kubegraph stage-1 5/8] COPY --chown=janusgraph:janusgraph conf/jvm.options /opt/janusgraph/conf/jvm.options                                                                                     0.0s
 => CACHED [kubegraph build 2/4] COPY dsl/kubehound/src /home/app/src                                                                                                                                       0.0s
 => CACHED [kubegraph build 3/4] COPY dsl/kubehound/pom.xml /home/app                                                                                                                                       0.0s
 => CACHED [kubegraph build 4/4] RUN mvn -f /home/app/pom.xml clean install                                                                                                                                 0.0s
 => CACHED [kubegraph stage-1 6/8] COPY --from=build --chown=janusgraph:janusgraph /home/app/target/kubehound-1.0.0.jar /opt/janusgraph/lib/kubehound-1.0.0.jar                                             0.0s
 => CACHED [kubegraph stage-1 7/8] COPY --chown=janusgraph:janusgraph scripts/health-check.groovy /opt/janusgraph/scripts/                                                                                  0.0s
 => CACHED [kubegraph stage-1 8/8] COPY --chown=janusgraph:janusgraph kubehound-dsl-init.groovy /opt/janusgraph/scripts/                                                                                    0.0s
 => [kubegraph] exporting to image                                                                                                                                                                          0.0s
 => => exporting layers                                                                                                                                                                                     0.0s
 => => writing image sha256:dc2ea5bc822eb845d833934320ddc55644a76a99834860c190ec905b93d6b578                                                                                                                0.0s
 => => naming to docker.io/library/kubehound-dev-kubegraph                                                                                                                                                  0.0s
[+] Running 3/3
 ✔ Container kubehound-dev-notebook  Started                                                                                                                                                               10.8s
 ✔ Container kubehound-dev-graphdb   Healthy                                                                                                                                                                3.7s
 ✔ Container kubehound-dev-storedb   Started                                                                                                                                                                0.7s
cd cmd && go build -ldflags="-X github.com/DataDog/KubeHound/pkg/config.BuildVersion=59ba228-" -o ../bin/kubehound kubehound/*.go

Then trying to execute KubeHound:

$ bin/kubehound
INFO[0000] Initializing application telemetry            component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
WARN[0000] Telemetry disabled via configuration          component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
INFO[0000] Starting KubeHound (run_id: 01hv1eq4hr4bfewxcf5v7g10yj)  component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
INFO[0000] Initializing providers (graph, cache, store)  component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
INFO[0000] Loading cache provider                        component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
INFO[0000] Loaded memcache cache provider                component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
INFO[0000] Loading store database provider               component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound
Error: factory config creation: store database client creation: error parsing uri: scheme must be "mongodb" or "mongodb+srv"
Usage:
  kubehound-local [flags]
  kubehound-local [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  dump        Collect Kubernetes resources of a targeted cluster
  help        Help about any command

Flags:
  -c, --config string   application config file
  -h, --help            help for kubehound-local

Use "kubehound-local [command] --help" for more information about a command.

FATA[0000] factory config creation: store database client creation: error parsing uri: scheme must be "mongodb" or "mongodb+srv"  component=kubehound run_id=01hv1eq4hr4bfewxcf5v7g10yj service=kubehound

Desktop:

Additional context:

Docker version:

$ docker version
Client: Docker Engine - Community
 Version:           20.10.23
 API version:       1.41
 Go version:        go1.18.10
 Git commit:        7155243
 Built:             Thu Jan 19 17:45:08 2023
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          26.0.0
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.8
  Git commit:       8b79278
  Built:            Wed Mar 20 15:17:48 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Docker compose & go installations:

$ docker compose version
Docker Compose version v2.26.1
$ go version
go version go1.22.1 linux/amd64

kovacs-levent commented 3 months ago

Just FYI, downloading release 2.0.0 also doesn't work, but v1.2.0 runs and works like a charm on my system.

jt-dd commented 3 months ago

It seems there is an issue with the embedding config (we already fixed it in the current branch). Can you try using the default config file ./kubehound -c configs/etc/kubehound.yaml ?

kovacs-levent commented 3 months ago

Yep... That works 👍 thanks for the suggestion!

jt-dd commented 3 months ago

I am going to keep open for now, but the next release will include the fix. Will close the issue when we push the next release.

jt-dd commented 1 month ago

Fix in v2.1.0-rc2. Feel free to reopen if you are still having some issues.