liornoy
commented
11 months ago hey @yonahd I would like to work on that, please. Is it fair to say that we call a namespace empty if there are not resources in there at all? is that correct?
Open yonahd opened 1 year ago
liornoy
commented
11 months ago hey @yonahd I would like to work on that, please. Is it fair to say that we call a namespace empty if there are not resources in there at all? is that correct?
yonahd
commented
11 months ago Yes. It should be with no resources except for the default service account
liornoy
commented
11 months ago Thanks, I already started working on this, and on my Kind cluster there is an auto-generated "kube-root-ca.crt' configmap that we might also want to add as an exception. wdyt?
liornoy
commented
11 months ago I see we even have a exceptionconfigmaps var for it
yonahd
commented
11 months ago Thanks, I already started working on this, and on my Kind cluster there is an auto-generated "kube-root-ca.crt' configmap that we might also want to add as an exception. wdyt?
Yes. This is default as well
roopeshsn
commented
9 months ago Hi @yonahd, I'd like to address this issue. Are the default resources, such as the service account and kube-root-ca.crt configmap, consistent across Kubernetes distributions? If so, can we determine whether a namespace is unused by checking for the presence of these default resources, and concluding that it is unused if there are no additional resources in that namespace?
yonahd
commented
9 months ago Hi @yonahd, I'd like to address this issue. Are the default resources, such as the service account and
kube-root-ca.crtconfigmap, consistent across Kubernetes distributions? If so, can we determine whether a namespace is unused by checking for the presence of these default resources, and concluding that it is unused if there are no additional resources in that namespace?
This is consistent. We want to take an approach similar to https://github.com/corneliusweig/ketall/tree/master
roopeshsn
commented
9 months ago I took time to view the implementation of Ketall. It constructs a slice of resource names with the API resources ([configmaps endpoints pods ...]). It creates a new resource builder from the kubernetes/cli-runtime package, passes the slice, and calls the methods Do().Object() which prints the resources from all the namespaces or from a specific namespace when the --namespace=<namespace> flag is passed.
Do you want me to see the logic of Do().Object() @yonahd?
roopeshsn
commented
9 months ago The thing I am confused about is that though we find all the resource types, create a builder from cli-runtime, and pass the resource types it will return an object with all the namespaced and default resources in a namespace. How it will be useful to find an unused namespace?
yonahd
commented
9 months ago @roopeshsn We don't find all resources. We don't even interact with all of them. The user can know which namespace he can consider empty(and avoid thinking its used by the default resources) and delete it. Not sure I completely understand the question
roopeshsn
commented
9 months ago @roopeshsn We don't find all resources. We don't even interact with all of them. The user can know which namespace he can consider empty(and avoid thinking its used by the default resources) and delete it. Not sure I completely understand the question
Exactly! Ketall finds the namespace resources using the cli-runtime package. How does that implementation help to find an unused namespace? However, we need to check and conclude a namespace is empty if it contains only default resources.
@yonahd
isindir
commented
5 months ago The above PR is still WIP - lacks parallel namespace processing and unit tests
Find namespaces with no resources