Closed5
k8s運用者に必見なkrewを試す
harrythecodeインストールはこちらの手順を参考に
harrythecode現時点でM1 Macに対応しているプラグイン一覧。
$ kubectl krew search|grep -v unavailable
NAME DESCRIPTION INSTALLED
access-matrix Show an RBAC access matrix for server resources no
accurate Manage Accurate, a multi-tenancy controller no
allctx Run commands on contexts in your kubeconfig no
assert Assert Kubernetes resources no
auth-proxy Authentication proxy to a pod or service no
aws-auth Manage aws-auth ConfigMap no
azad-proxy Generate and handle authentication for azad-kub... no
blame Show who edited resource fields. no
bulk-action Do bulk actions on Kubernetes resources. no
ca-cert Print the PEM CA certificate of the current clu... no
capture Triggers a Sysdig capture to troubleshoot the r... no
cert-manager Manage cert-manager resources inside your cluster no
cluster-group Exec commands across a group of contexts. no
clusternet Wrap multiple kubectl calls to Clusternet no
cm Provides commands for OCM/MCE/ACM. no
cnpg Manage your CloudNativePG clusters no
config-registry Switch between registered kubeconfigs no
cost View cluster cost information no
ctx Switch between contexts in your kubeconfig no
custom-cols A "kubectl get" replacement with customizable c... no
cyclonus NetworkPolicy analysis tool suite no
datree Scan your cluster resources for misconfigurations no
dds Detect if workloads are mounting the docker socket no
debug-shell Create pod with interactive kube-shell. no
deprecations Checks for deprecated objects in a cluster yes
df-pv Show disk usage (like unix df) for persistent v... no
direct-csi CSI driver to manage drives in k8s cluster as v... no
directpv Deploys and manages the lifecycle of DirectPV C... no
dtlogin Login to a cluster via openid-connect no
edit-status Edit /status subresources of CRs no
eksporter Export resources and removes a pre-defined set ... no
example Prints out example manifest YAMLs no
exec-as Like kubectl exec, but offers a `user` flag to ... no
exec-cronjob Run a CronJob immediately as Job no
explore A better kubectl explain with the fuzzy finder no
fuzzy Fuzzy and partial string search for kubectl no
gadget Gadgets for debugging and introspecting apps no
get-all Like `kubectl get all` but _really_ everything no
gke-credentials Fetch credentials for GKE clusters no
gopass Imports secrets from gopass no
graph Visualize Kubernetes resources and relationships. no
gs Handle custom resources with Giant Swarm no
hns Manage hierarchical namespaces (part of HNC) no
htpasswd Create nginx-ingress compatible basic-auth secrets no
ice View configuration settings of containers insid... no
iexec Interactive selection tool for `kubectl exec` no
images Show container images used in the cluster. no
istiolog Manipulate istio-proxy logging level without is... no
kadalu Manage Kadalu Operator, CSI and Storage pods no
karbon Connect to Nutanix Karbon cluster no
karmada Manage clusters with Karmada federation. no
konfig Merge, split or import kubeconfig files no
krew Package manager for kubectl plugins. yes
kruise Easily handle OpenKruise workloads no
ktop A top tool to display workload metrics no
kurt Find what's restarting and why no
kuttl Declaratively run and test operators no
kyverno Kyverno is a policy engine for kubernetes no
lineage Display all dependent resources or resource dep... no
linstor View and manage LINSTOR storage resources no
log2rbac Fine-tune your RBAC using log2rbac operator no
minio Deploy and manage MinIO Operator and Tenant(s) no
moco Interact with MySQL operator MOCO. no
modify-secret modify secret with implicit base64 translations no
mtail Tail logs from multiple pods matching label sel... no
multiforward Port Forward to multiple Kubernetes Services no
neat Remove clutter from Kubernetes manifests to mak... no
net-forward Proxy to arbitrary TCP services on a cluster ne... no
node-admin List nodes and run privileged pod with chroot no
node-restart Restart cluster nodes sequentially and gracefully no
node-shell Spawn a root shell on a node via kubectl no
ns Switch between Kubernetes namespaces no
nsenter Run shell command in Pod's namespace on the nod... no
oidc-login Log in to the OpenID Connect provider no
open-svc Open the Kubernetes URL(s) for the specified se... no
openebs View and debug OpenEBS storage resources no
operator Manage operators with Operator Lifecycle Manager no
oulogin Login to a cluster via OpenUnison no
outdated Finds outdated container images running in a cl... no
pexec Execute process with privileges in a pod no
pod-inspect Get all of a pod's details at a glance no
pod-lens Show pod-related resources no
pod-logs Display a list of pods to get logs from no
pod-shell Display a list of pods to execute a shell in no
preflight Executes application preflight tests in a cluster no
print-env Build config files from k8s environments. no
promdump Dumps the head and persistent blocks of Prometh... no
prompt Prompts for user confirmation when executing co... no
prune-unused Prune unused resources no
pv-migrate Migrate data across persistent volumes no
rabbitmq Manage RabbitMQ clusters no
rbac-tool Plugin to analyze RBAC permissions and generate... no
relay Drop-in "port-forward" replacement with UDP and... no
rename-pvc Rename a PersistentVolumeClaim (PVC) no
resource-capacity Provides an overview of resource requests, limi... no
resource-versions Print supported API resource versions no
restart Restarts a pod with the given name no
rm-standalone-pods Remove all pods without owner references no
roll Rolling restart of all persistent pods in a nam... no
rook-ceph Rook plugin for Ceph management no
safe Prompts before running edit commands no
schemahero Declarative database schema migrations via YAML no
score Kubernetes static code analysis. no
secretdata Viewing decoded Secret data with search flags no
shovel Gather diagnostics for .NET Core applications no
sick-pods Find and debug Pods that are "Not Ready" no
slice Split a multi-YAML file into individual files. no
snap Delete half of the pods in a namespace or cluster no
sniff Start a remote packet capture on pods using tcp... no
socks5-proxy SOCKS5 proxy to Services or Pods in the cluster no
sort-manifests Sort manifest files in a proper order by Kind no
spy pod debugging tool for kubernetes clusters with... no
ssh-jump Access nodes or services using SSH jump Pod no
sshd Run SSH server in a Pod no
starboard Toolkit for finding risks in kubernetes resources no
stern Multi pod and container log tailing no
sudo Run Kubernetes commands impersonated as group s... no
support-bundle Creates support bundles for off-cluster analysis no
tmux-exec An exec multiplexer using Tmux no
tree Show a tree of object hierarchies through owner... no
view-allocations List allocations per resources, nodes, pods. no
view-secret Decode Kubernetes secrets no
view-serviceaccount-kubeconfig Show a kubeconfig setting to access the apiserv... no
view-utilization Shows cluster cpu and memory utilization no
vpa-recommendation Compare VPA recommendations to actual resources... no
who-can Shows who has RBAC permissions to access Kubern... no
whoami Show the subject that's currently authenticated... no
deprecations Checks for deprecated objects in a cluster
今回の目玉商品
get-all Like
kubectl get allbut really everything
これ地味に欲しかった
blame Show who edited resource fields.
ネーミングセンス😂 でも地味にトラブルシュートで使えそう。
who-can Shows who has RBAC permissions to access Kubernetes
これ地味に便利。例えば kubectl who-can '*' -n kube-system pod とするとkube-system配下のpodに対してadmin権限を持ってる者たちを全て列挙してくれる。
harrythecode他のやつを見てみたけど kubectl aliasを多用しているのとcontext変更はkubeconfigを分けて自作で行なっているので他のプラグインは正直微妙でした...。Goでプラグインを作れるので何か同じ作業をする必要があるものをプラグイン化しても良さそうですね!
このスクラップは2022/06/15にクローズされました