How do I get the pod ID in Kubernetes? - kubernetes

I am using Stackdriver Monitoring API to get the metrics related to the containers. The JSON object returned from the API has the following details of the container.
Example:
{
"metric": {
"type": "container.googleapis.com/container/cpu/utilization"
},
"resource": {
"type": "gke_container",
"labels": {
"zone": "us-central1-a",
"pod_id": "1138528c-c36e-11e9-a1a7-42010a800198",
"project_id": "auto-scaling-springboot",
"cluster_name": "load-test",
"container_name": "",
"namespace_id": "f0965889-c36d-11e9-9e00-42010a800198",
"instance_id": "3962380509873542383"
}
},
"metricKind": "GAUGE",
"valueType": "DOUBLE",
"points": [
{
"interval": {
"startTime": "2019-09-04T04:00:00Z",
"endTime": "2019-09-04T04:00:00Z"
},
"value": {
"doubleValue": 0.050707947222229495
}
}
]
}
When I execute kubectl describe pod [pod name], I get none of these information unique to a container. Therefore I am unable to identify the results corresponding to a container.
Therfore, how to I get the pod ID so that I'll be able to identify it?

Use kubectl jsonpath
To get a specific pod's UID:
$ kubectl get pods -n <namespace> <pod-name> -o jsonpath='{.metadata.uid}'
$ kubectl get pods -n kube-system kubedb-66f78 -o jsonpath='{.metadata.uid}'
275ecb36-5aa8-4c2a-9c47-d8bb681b9aff⏎
Use kubectl custom-columns
List all PodName along with its UID of a namespace:
$ kubectl get pods -n <namespace> -o custom-columns=PodName:.metadata.name,PodUID:.metadata.uid
$ kubectl get pods -n kube-system -o custom-columns=PodName:.metadata.name,PodUID:.metadata.uid
PodName PodUID
coredns-6955765f44-8kp9t 0ae5c03d-5fb3-4eb9-9de8-2bd4b51606ba
coredns-6955765f44-ccqgg 6aaa09a1-241a-4013-b706-fe80ae371206
etcd-kind-control-plane c7304563-95a8-4428-881e-422ce3e073e7
kindnet-jgb95 f906a249-ab9d-4180-9afa-4075e2058ac7
kube-apiserver-kind-control-plane 971165e8-6c2e-4f99-8368-7802c1e55e60
kube-controller-manager-kind-control-plane a0dce3a7-a734-485d-bfee-8ac3de6bb486
kube-proxy-27wgd d900c0b2-dc21-46b5-a97e-f30e830aa9be
kube-scheduler-kind-control-plane 9c6f2399-4986-4259-9cd7-875eff1d7198
Use Unix/Linux command grep
You can use kubectl get pods along with grep.
$ kubectl get pods -n <namespace> <pod-name> -o yaml | grep uid
uid: bcfbdfb5-ce0f-11e9-b83e-080027d4916d

Optionally, you can try this:
$ kubectl get pod -n <namespace> <pod_name> -o jsonpath='{.metadata.uid}'

Related

Kubectl json path select a field with special characters

I want to write a kubectl command to query all the namespace and then collect the value of a specific lable.
{
"apiVersion": "v1",
"items": [
{
"apiVersion": "v1",
"kind": "Namespace",
"metadata": {
"annotations": {
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Namespace\",\"metadata\":{\"annotations\":{},\"labels\":{\"app.kubernetes.io/created-by\":\"testuser\",\"app.kubernetes.io/instance\":\"thisisatest\",\"app.kubernetes.io/name\":\"company\",\"app.kubernetes.io/version\":\"2.5\"},\"name\":\"thisiatest\"}}\n"
},
"creationTimestamp": "2022-09-01T13:16:12Z",
"labels": {
"app.kubernetes.io/created-by": "testuser",
...
I have a version with jq that works.
printf "\ncreated by:\n"
kubectl get namespace -l app.kubernetes.io/name=phoenics -o json | jq '.items [] | .metadata | .labels | ."app.kubernetes.io/created-by"'
But i can't really get a version with jsonpath to work. What am i doing wrong?
printf "\ncreated by: JsonPath\n"
kubectl get namespace -l app.kubernetes.io/name=phoenics -o jsonpath="{range ['items'][*]['metadata']['labels']['app.kubernetes.io/created-by']}{'\n'}{end}"
There is no output. Oh, and i'm working on windows with a git bash.
this should work:
kubectl get namespace -l app.kubernetes.io/name=phoenics \
-o jsonpath="{range .items[*]}{.metadata.labels.app\.kubernetes\.io/created-by}{'\n'}{end}"
No escape sequence required. Tested with k8s 1.22.12:
$ kubectl get namespace -l kubernetes.io/metadata.name=kube-system -o jsonpath="{range ['items'][*]}{['metadata']['labels']}{['kubernetes.io/metadata.name']}{'\n'}{end}"
$ {"kubernetes.io/metadata.name":"kube-system"}

parsing kubectl json output with jq or jsonpath

I would like to select, and list the crds which are containing the "v1beta1" in the
.spec.versions.*.name
The versions part of the crd object looks similar like this
"versions": [
{
"name": "v1alpha2",
"served": true,
"storage": true,
"subresources": {
"status": {}
},
"name": "v1beta1"
"served": true,
"storage": true,
"subresources": {
"status": {}
}
}
]
I tried some different queries like the following, but no success.
$ kubectl get crd -ojson | jq -r '.items[] | map(select(.spec.versions[] | contains("v1beta1"))).metadata.name'
jq: error (at <stdin>:250345): Cannot index string with string "spec"
Jsonpath solution would be also great. I tried something like this without success.
$ kubectl get crd -ojsonpath="{range .items.*.spec.versions.*}{.name[?(#=='v1beta1')].metadata.name}{'\n'}{end}"
Could someone help me please?
This will show the name using jsonpath: kubectl get crd -o jsonpath='{range .items[?(#.spec.versions[].name=="v1beta1")].metadata}{.name}{"\n"}'
You could base a jq solution on:
.spec.versions[] | select(.name | contains("v1beta1"))
or similar, e.g.
.spec.versions[] | select(.name | startswith("v1beta1"))

kubectl output formatted : looking for a specific column

I'm looking to have a specific column, through my initial kubectl command
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o json ingressroute zz-oamtoto
This give me the json below
{
"apiVersion":"traefik.containo.us/v1alpha1",
"kind":"IngressRoute",
"metadata":{
"annotations":{
"kubectl.kubernetes.io/last-applied-configuration":"{"sum-up"}\n"
},
"creationTimestamp":"2021-02-23T11:17:56Z",
"generation":1,
"labels":{
"instance":"webzz"
},
"managedFields":[
{
"apiVersion":"traefik.containo.us/v1alpha1",
"fieldsType":"FieldsV1",
"fieldsV1":{
"f:metadata":{
"f:annotations":{
".":{
},
"f:kubectl.kubernetes.io/last-applied-configuration":{
}
},
"f:labels":{
".":{
},
"f:instance":{
}
}
},
"f:spec":{
".":{
},
"f:entryPoints":{
},
"f:routes":{
}
}
},
"manager":"kubectl",
"operation":"Update",
"time":"2021-02-23T11:17:56Z"
}
],
"name":"zz-oamtoto",
"namespace":"ebzz",
"resourceVersion":"61112315",
"selfLink":"/apis/traefik.containo.us/v1alpha1/namespaces/ebzz/ingressroutes/zz-oamtoto",
"uid":"42727XXX-dd9e-45e4-9c7d-1225aea125"
},
"spec":{
"entryPoints":[
"http"
],
"routes":[
{
"kind":"Rule",
"match":"Host(`ebzz.acme.com`)",
"middlewares":[
{
"name":"ebzz-ebzz-basicauth"
}
],
"services":[
{
"kind":"Service",
"name":"zz-oamtoto",
"port":1234
}
]
}
]
}
}
What I'm looking at is to find a specific column, the routes one and most of all, one of its specific sub-column
"match":"Host('ebzz.acme.com')"
I tried the command below
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o=custom-columns=svc:.spec.routes.-kind ingressroute zz-oamtoto
Which gives me this:
[map[kind:Rule match:Host(`ebzz.acme.com`) middlewares:[map[name:ebzz-ebzz-basicauth]] services:[map[kind:Service name:zz-oamtoto port:1234]]]]
What i've tried so far
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o=custom-columns=svc:.spec.routes[kind] ingressroute zz-oamtoto
It gives me this
svc
error: invalid array index kind
I've tried this as well
kubectl --context oam-ska-yo_jonnylee -n ebzz get -o=custom-columns=svc:.spec.routes["kind"] ingressroute zz-oamtoto
But it gives me this
svc
error: invalid array index kind
After many trials, this one works
kubectl --context oam-ska-yo_jonnylee -n ebz get -o=custom-columns=.spec.routes[0].match ingressroute zz-oamtoto
The option custom-columns should give you the tuning if you are looking for a column.
For the first column, you are aiming to, you need to put a .spec followed by a dot and the column name, like this .spec.column_name
Once there, the routes column part, in this example, is an array. Therefore you need to put the [], followed by the number and then followed by the subname, here match. it gives you .spec.routes[0].match
Note: I use a svc in my initial kubectly query. It was a mistake, there is no use for that.
If I understood you correctly, you need
kubectl --context oam-ska-yo_jonnylee -n ebz get ingressroute zz-oamtoto --output=jsonpath={.spec.routes.match}
Here you can find more examples: kubectl Cheat Sheet

How to access key in a map returned by kubectl

I want to access limits.memory variable returned by get command in k8s
kubectl get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used
USED
map[limits.memory:0 requests.cpu:0 requests.memory:0]
I tried many ways but couldn't succeed
[root#iaasn00126847 ~]# k get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used.limits.memory
returns nothing
Is there a delimiter to fetch the same
Try with jsonpath
kubectl get resourcequota default -n 103000-p4-dev -o jsonpath="{.status.used.limits\.memory}"
This is what I tried
$ kubectl apply -f https://k8s.io/examples/admin/resource/quota-mem-cpu.yaml
resourcequota/mem-cpu-demo created
$ kubectl get resourcequota
NAME CREATED AT
mem-cpu-demo 2019-10-09T06:38:39Z
$
$ kubectl get resourcequota mem-cpu-demo -o json
{
"apiVersion": "v1",
"kind": "ResourceQuota",
"metadata": {
"annotations": {
"kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"ResourceQuota\",\"metadata\":{\"annotations\":{},\"name\":\"mem-cpu-demo\",\"namespace\":\"default\"},\"spec\":{\"hard\":{\"limits.cpu\":\"2\",\"limits.memory\":\"2Gi\",\"requests.cpu\":\"1\",\"requests.memory\":\"1Gi\"}}}\n"
},
"creationTimestamp": "2019-10-09T06:38:39Z",
"name": "mem-cpu-demo",
"namespace": "default",
"resourceVersion": "975",
"selfLink": "/api/v1/namespaces/default/resourcequotas/mem-cpu-demo",
"uid": "0d74d782-b717-4845-a0da-424776c05d45"
},
"spec": {
"hard": {
"limits.cpu": "2",
"limits.memory": "2Gi",
"requests.cpu": "1",
"requests.memory": "1Gi"
}
},
"status": {
"hard": {
"limits.cpu": "2",
"limits.memory": "2Gi",
"requests.cpu": "1",
"requests.memory": "1Gi"
},
"used": {
"limits.cpu": "0",
"limits.memory": "0",
"requests.cpu": "0",
"requests.memory": "0"
}
}
}
$
$ kubectl get resourcequota mem-cpu-demo -o jsonpath="{.status.used}"
map[limits.cpu:0 limits.memory:0 requests.cpu:0 requests.memory:0]$
$
$ kubectl get resourcequota mem-cpu-demo -o jsonpath="{.status.used.limits\.memory}"
0
$
$ kubectl get resourcequota mem-cpu-demo -o jsonpath="{.status.hard.limits\.memory}"
2Gi
$
For values with /, you don't need to escape them, but just the dots using brackets.
$ kubectl -n istio-system get service http2-service-ingress \
-o jsonpath="{.metadata.annotations['service\.beta\.kubernetes\.io/aws-load-balancer-type']}"
Since you key (limits.memory) contains dot, maybe you should try like this:
[root#iaasn00126847 ~]# k get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used.'limits\.memory'
There is no need to use jsonpath. You can still use the custom-columns output, but you need to put the key in (single or double) quotes, and escape all the dots, like this:
k get resourcequota default -n 103000-p4-dev -o custom-columns=USED:.status.used."limits\.memory"
I am currently using this with kubectl v1.17, to list nodes, as follows:
kubectl get nodes -o custom-columns=NAME:.metadata.name,ZONE:.metadata.labels.'topology\.kubernetes\.io/region'
kubectl get nodes -o custom-columns=NAME:.metadata.name,ZONE:.metadata.labels."topology\.kubernetes\.io/region"

kubectl and seeing (cluster)roles assigned to subjects

I can use kubectl to see to which subjects a cluster role is applied, eg:
kubectl get clusterrolebindings system:node --all-namespaces -o json
{
"apiVersion": "rbac.authorization.k8s.io/v1beta1",
"kind": "ClusterRoleBinding",
....
....
"subjects": [
{
"apiGroup": "rbac.authorization.k8s.io",
"kind": "Group",
"name": "system:nodes"
}
]
}
I would like to get this info the other way around, eg: I want to list all policies applied to the "system:nodes" subject.
How can I do that?
There is no API for the reverse index. You can look up bindings and filter on ones containing the expected subject. For example, using bash, jq, and kubectl:
# $1 is kind (User, Group, ServiceAccount)
# $2 is name ("system:nodes", etc)
# $3 is namespace (optional, only applies to kind=ServiceAccount)
function getRoles() {
local kind="${1}"
local name="${2}"
local namespace="${3:-}"
kubectl get clusterrolebinding -o json | jq -r "
.items[]
|
select(
.subjects[]?
|
select(
.kind == \"${kind}\"
and
.name == \"${name}\"
and
(if .namespace then .namespace else \"\" end) == \"${namespace}\"
)
)
|
(.roleRef.kind + \"/\" + .roleRef.name)
"
}
$ getRoles Group system:authenticated
ClusterRole/system:basic-user
ClusterRole/system:discovery
$ getRoles ServiceAccount attachdetach-controller kube-system
ClusterRole/system:controller:attachdetach-controller