Bazaroid

useful-snippets

2 min de lecture

Audit libre.sh with kubectl

Run each one or all at one

echo "===== NODES =====" && kubectl get nodes -o wide
echo "===== NAMESPACES =====" && kubectl get ns
 
echo "===== LIBRESH-SYSTEM PODS =====" && kubectl -n libresh-system get pods -o wide
echo "===== TENANT-SAMPLE PODS =====" && kubectl -n tenant-sample get pods -o wide
echo "===== MINIO PODS =====" && kubectl get pods -A | grep -i minio
 
echo "===== NEXTCLOUD CR =====" && kubectl -n tenant-sample get nextcloud nextcloud-sample -o yaml | grep -A5 conditions
echo "===== SAML/OIDC CLIENTS =====" && kubectl -n tenant-sample get samlclient,oidcclient
echo "===== KEYCLOAK CR =====" && kubectl -n tenant-sample get keycloak
 
echo "===== SERVICES (tenant-sample) =====" && kubectl -n tenant-sample get svc
echo "===== SERVICES (libresh-system) =====" && kubectl -n libresh-system get svc
echo "===== SERVICES (minio) =====" && kubectl get svc -A | grep -i minio
 
echo "===== POSTGRES =====" && kubectl -n tenant-sample get postgres
echo "===== REDIS =====" && kubectl -n tenant-sample get redis
echo "===== BUCKETS =====" && kubectl -n tenant-sample get bucket
echo "===== PVCs =====" && kubectl -n tenant-sample get pvc && kubectl -n libresh-system get pvc
 
echo "===== INGRESSES =====" && kubectl get ingress -A
echo "===== CLUSTERISSUERS =====" && kubectl get clusterissuer
echo "===== CERTIFICATES =====" && kubectl get certificate -A
 
echo "===== LIBRESH-CONFIG (decoded) =====" \
  && kubectl -n libresh-system get secret libresh-config \
     -o jsonpath='{.data.object-storage\.yml}' | base64 -d \
  && echo "---" \
  && kubectl -n libresh-system get secret libresh-config \
     -o jsonpath='{.data.keycloak\.yml}' | base64 -d
 
echo "===== BUCKET SECRET =====" \
  && kubectl -n tenant-sample get secret nextcloud-sample--nc.bucket.libre.sh \
     -o jsonpath='{.data}' | python3 -c \
     "import sys,json,base64; d=json.load(sys.stdin); \
     [print(k+':', base64.b64decode(v).decode()) for k,v in d.items()]"
 
echo "===== MINIO CONNECTIVITY (from operator) =====" \
  && MINIO_SVC=$(kubectl get svc -A | grep -i 'minio' | grep -v 'operator\|console\|hl' | awk '{print $2 "." $1}' | head -1) \
  && echo "MinIO service: $MINIO_SVC" \
  && MINIO_IP=$(kubectl get svc -A | grep -i 'minio' | grep -v 'operator\|console\|hl' | awk '{print $4}' | head -1) \
  && echo "MinIO ClusterIP: $MINIO_IP"
 
echo "===== FLUX KUSTOMIZATIONS =====" && flux -n libresh-system get kustomizations
echo "===== RECENT EVENTS =====" && kubectl -n tenant-sample get events --sort-by=.lastTimestamp | tail -20

Vue Graphique