search

robusta-dev / kubewatch

Watch k8s events and trigger Handlers
Apache License 2.0
630 stars 87 forks source link

Feature request: namespaceToIgnore #21

Open CapKenR opened 1 year ago

CapKenR commented 1 year ago

I have a namespace that is very noisy, i.e. jobs and pods created, updated, and deleted every minute. This namespace is on every cluster is the same and I'd like to have one configuration that works on all clusters. I don't want to have to include every namespace but this one from every cluster in a namespaceToWatch list.

arikalon1 commented 1 year ago

Hi @CapKenR

You can't do this in KubeWatch itself right now, but as a workaround you can do it via a Robusta playbook. Robusta is an open source project based on Kubewatch. Robusta provides message formatting, filtering and other advanced options.

Here's an example configuration:

customPlaybooks:
- triggers:
    - on_deployment_create:
        namespace_prefix: "default"
    - on_deployment_create:
        namespace_prefix: "stg-ns"
  actions:
    - create_finding:
        title: "Deployment named $name on namespace $namespace created"
        aggregation_key: "Deployment Created"
- triggers:
    - on_deployment_update:
        namespace_prefix: "default"
    - on_deployment_update:
        namespace_prefix: "stg-ns"
  actions:
    - create_finding:
        title: "Deployment named $name on namespace $namespace updated"
        aggregation_key: "Deployment Updated"
- triggers:
    - on_deployment_delete:
        namespace_prefix: "default"
    - on_deployment_delete:
        namespace_prefix: "stg-ns"
  actions:
    - create_finding:
        title: "Deployment named $name on namespace $namespace deleted"
        aggregation_key: "Deployment Deleted"

You can read more here.

There's also another robusta action you can use, that tracks changes here

Will that satisfy your requirements?

CapKenR commented 1 year ago

I was hoping to do this without introducing another tool, but I'll look at Robusta this weekend.

pasztorl commented 1 year ago

I think it would be great if we can specify ignore not just namespace but namespace:object level.

aantn commented 1 year ago

@pasztorl that's also the type of logic we're covering in Robusta:

- triggers:
    - on_deployment_create:
         namespace_prefix: "stg-ns"
          name_prefix: my-app-name
          labels_selector: app=my-app
  actions:
    - create_finding:
         title: "Deployment named $name on namespace $namespace created"
         aggregation_key: "Deployment Created"

The rationale for splitting this into two pods (KubeWatch and Robusta) is to split the Kubernetes event-listening logic from the general filtering, forwarding, and routing logic, which can be much more complex. E.g. you might want to forward certain namespaces to one Slack channel, but other namespaces to PagerDuty.