Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: namespaceToIgnore #21

Open
CapKenR opened this issue Jan 27, 2023 · 4 comments
Open

Feature request: namespaceToIgnore #21

CapKenR opened this issue Jan 27, 2023 · 4 comments

Comments

@CapKenR
Copy link

CapKenR commented Jan 27, 2023

I have a namespace that is very noisy, i.e. jobs and pods created, updated, and deleted every minute. This namespace is on every cluster is the same and I'd like to have one configuration that works on all clusters. I don't want to have to include every namespace but this one from every cluster in a namespaceToWatch list.
@arikalon1
Copy link
Collaborator

Hi @CapKenR

You can't do this in KubeWatch itself right now, but as a workaround you can do it via a Robusta playbook.
Robusta is an open source project based on Kubewatch.
Robusta provides message formatting, filtering and other advanced options.

Here's an example configuration:

customPlaybooks:
- triggers:
    - on_deployment_create:
        namespace_prefix: "default"
    - on_deployment_create:
        namespace_prefix: "stg-ns"
  actions:
    - create_finding:
        title: "Deployment named $name on namespace $namespace created"
        aggregation_key: "Deployment Created"
- triggers:
    - on_deployment_update:
        namespace_prefix: "default"
    - on_deployment_update:
        namespace_prefix: "stg-ns"
  actions:
    - create_finding:
        title: "Deployment named $name on namespace $namespace updated"
        aggregation_key: "Deployment Updated"
- triggers:
    - on_deployment_delete:
        namespace_prefix: "default"
    - on_deployment_delete:
        namespace_prefix: "stg-ns"
  actions:
    - create_finding:
        title: "Deployment named $name on namespace $namespace deleted"
        aggregation_key: "Deployment Deleted"

You can read more here.

There's also another robusta action you can use, that tracks changes here

Will that satisfy your requirements?

@CapKenR
Copy link
Author

CapKenR commented Jan 27, 2023

I was hoping to do this without introducing another tool, but I'll look at Robusta this weekend.

@pasztorl
Copy link

pasztorl commented Mar 2, 2023

I think it would be great if we can specify ignore not just namespace but namespace:object level.

@aantn
Copy link
Collaborator

aantn commented Mar 7, 2023

@pasztorl that's also the type of logic we're covering in Robusta:

- triggers:
    - on_deployment_create:
         namespace_prefix: "stg-ns"
          name_prefix: my-app-name
          labels_selector: app=my-app
  actions:
    - create_finding:
         title: "Deployment named $name on namespace $namespace created"
         aggregation_key: "Deployment Created"

The rationale for splitting this into two pods (KubeWatch and Robusta) is to split the Kubernetes event-listening logic from the general filtering, forwarding, and routing logic, which can be much more complex. E.g. you might want to forward certain namespaces to one Slack channel, but other namespaces to PagerDuty.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@aantn @CapKenR @arikalon1 @pasztorl