search

kubernetes / kube-state-metrics

Add-on agent to generate and expose cluster-level metrics.
https://kubernetes.io/docs/concepts/cluster-administration/kube-state-metrics/
Apache License 2.0
5.34k stars 1.99k forks source link

Support namespace selector for filtering #2132

Open cskinfill opened 1 year ago

cskinfill commented 1 year ago

What would you like to be added: Support using namespace selector for filtering which resources to acquire metrics for.

Why is this needed: This would seem to fit more naturally into the kubernetes model of using selectors to select resources. Also, this makes it easier to select on namespaces that have a label, rather then trying to manage a list of namespace names.

Describe the solution you'd like --namespace-selector workload=testme would select all namespaces with the label workload equal to the value testm. Additional context

nerzhul commented 1 year ago

Hello, I was about to ask the same thing. Where i work we are moving kube-state-metrics from a global instance to a per client instance, and i'd like to use a namespace selector to discard migrated clients from the global instance (like we can do with prometheus operator). Is it possible ?

dashpole commented 1 year ago

/assign @dgrisonnet /triage accepted

buger commented 1 year ago

Fully generated by AI Architect, can contain faulty statements

You're right, adding support for selecting namespaces via label selector would be a useful addition to kube-state-metrics. Here is how I would suggest implementing namespace selector support:

Command line option

Add a new command line flag to specify the namespace selector:


--namespace-selector string      Label selector to filter namespaces by

This would accept a valid label selector string like workload=testme.

Configuration

Update the pkg/options.Options struct to include the new field:


type Options struct {

  //...

  NamespaceSelector string

}

Namespace filtering

When building the cache stores, apply the namespace selector to the namespace ListOptions:


func (b *Builder) BuildStores() {

  opts := metav1.ListOptions{

    LabelSelector: options.NamespaceSelector, 

  }

  listWatch := cache.ListWatch{

    ListFunc: func(opts metav1.ListOptions) {

      // Filter namespaces by selector

    },

  }

  // Pass listWatch to store builder  

}

This would make each cache store only list/watch the selected namespaces.

Documentation

Update the readme and docs to include details on the new --namespace-selector option.

Let me know if you would like any clarification or have additional questions! I think namespace selector would be a handy feature to allow more precise filtering of metrics.

dgrisonnet commented 1 year ago

What you are proposing would be to add label selector rather than a namespace selector. We already have a namespace selector with the --namespaces option: https://github.com/kubernetes/kube-state-metrics/blob/main/pkg/options/options.go#L145

What you could do today to have a similar result would be to do:

kubectl get namespaces -l workload=testme

and append the list of namespaces to the --namespaces option of kube-state-metrics.

AntoineNGUYEN31 commented 11 months ago

@dgrisonnet your solution works, but cannot be scaled especiallyon on a managed k8s cluster. Admin will be solliciated on very newly created important namespace, and it implies redeployement of the stack.

Serializator commented 2 months ago

Just want to mention this here. This idea could help with #2400 as well. In a limited privilege environment this could help with only listing resources on namespaces the service account is privy too through the use of labels and selector at the namespace level.