Heptio Sonobuoy is a diagnostic tool that makes it easier to understand the state of a Kubernetes cluster by running a set of Kubernetes conformance tests in an accessible and non-destructive manner.
Heptio have come out with some useful kubernetes tools; sonobuoy being one.
In this post, I will spin up a kubernetes cluster on AWS using latest version of kops (1.8) and test drive sonobuoy scanner tool.
Rather than install kops and kubectl locally, I have published a docker image that you can use as a utility container.
Alpine kops docker image includes kops, kubectl, terraform, aws cli and helm. The swiss army knife for kubernetes!!
Kubernetes installation
Run the container
docker run --rm -it \
-v "$HOME"/.ssh:/root/.ssh:ro \
-v "$HOME"/.aws:/root/.aws:ro \
-v "$HOME"/.kube:/root/.kube:rw \
-v "$HOME"/.helm:/root/.helm:rw \
-v "$(pwd)":/workdir \
-w /workdir \
shanelee007/alpine-kops
Then create the cluster on AWS. Here I am creating one master instance and two worker nodes
kops create cluster --v=0 \
--cloud=aws \
--node-count 2 \
--master-size=m3.medium \
--master-zones=ap-southeast-2a \
--zones ap-southeast-2a,ap-southeast-2c \
--name= ${NAME} \
--node-size=m3.medium \
--node-volume-size=20
Before scanning the cluster, I will deploy a few applications.
Bitnami have come out with kubeapps, to easily deploy apps on your cluster.
Bitnami KubeApps
Kubeapps is a Kubernetes dashboard that supercharges your Kubernetes cluster with simple browse and click deployment of apps in any format.
Installation
sudo curl -L https://github.com/kubeapps/installer/releases/download/v0.2.0/kubeapps-linux-amd64 -o /usr/local/bin/kubeapps && sudo chmod +x /usr/local/bin/kubeapps
To see what it installs, run dry run first
kubeapps up --dry-run -o yaml
Once your happy, lets kick it off
kubeapps up
Dashboard
Once Kubeapps is installed, securely access the Kubeapps Dashboard from your system by running:
kubeapps dashboard
This will start an HTTP proxy for secure access to the Kubeapps Dashboard and launch your default browser to access it.
Deploy wordpress
Using the "Charts" menu from the Dashboard welcome page I will select wordpress application from the list of charts in the official Kubernetes chart repository.
Sonobuoy
Now lets install sonobuoy on the cluster and run the diagnostics.
You will find the steps here
Once you run the command, you will see in the browser to see the conformance results.
You will see two pods running in the namespace heptio-sonobuoy
NAME READY STATUS RESTARTS AGE
sonobuoy 3/3 Running 0 5m
sonobuoy-e2e-job-bf586487f2f64f0b 2/2 Running 0 4m
It may take up to 60 mins to run the tests. So sit back and relax... 😉
To see what is happening you can use kubetail to tail the logs
kubetail sonobuoy -n heptio-sonobuoy
kubetail sonobuoy-e2e-job-bf586487f2f64f0b -n heptio-sonobuoy
Sonobuoy results
Once it finishes, you can download the results and keep the report by exporting as a pdf.
All tests passed. There you have it!
Stay tuned for more kubernetes goodness.. ⚓️