Kubernetes OS Server - Kubernetes Extension API server exposing OS configuration like sysctl via Kubernetes API

Related tags

DevOps Tools koss
Overview

KOSS - Kubernetes OS Server

KOSS is a Extension API Server which exposes OS properties and functionality using Kubernetes API, so it can be accessed using e.g. kubectl.

At the moment this is highly experimental and only managing sysctl is supported. To make things actually usable, you must run KOSS binary as root on the machine you will be managing.

Managing multiple machines is not supported and not planned.

KOSS also do not use any of libraries to build Kubernetes API, but builts it's absolute minimal version from scratch, which is most likely missing many features.

Listing, getting and editing sysctl is only working functionality.

KOSS exposes API over HTTPS using self-signed X.509 certificate generated on the fly on server start.

Testing

To test it out, modify manifest.yaml YAML file and set externalName field to IP where KOSS will be available under right now hardcoded port 8443.

Then, apply this manifest on your cluster using e.g. kubectl apply -f command.

Now, you should be able to read your sysctl values using kubectl get sysctl like on example below:

$ kubectl get sysctl | head
NAME                                 VALUE
abi.vsyscall32                       1
debug.exception-trace                1
debug.kprobes-optimization           1
dev.hpet.max-user-freq               64
dev.i915.oa_max_sample_rate          100000
dev.i915.perf_stream_paranoid        1
dev.mac_hid.mouse_button2_keycode    97
dev.mac_hid.mouse_button3_keycode    100
dev.mac_hid.mouse_button_emulation   0

You can also write values using kubectl patch or kubectl edit:

kubectl patch sysctl vm.overcommit_ratio -p '{"value":"50"}'

As well as by applying a specific manifest:

cat <<EOF | kubectl apply -f-
apiVersion: koss.invidian.github.io/v1alpha1
kind: Sysctl
metadata:
  name: vm.overcommit_ratio
value: "50"
EOF

Testing standalone (without Aggregation API Server)

For simplicity, when starting KOSS, it will write a kubeconfig file in current working directory, so you can use it to directly communicate with Extension API server, without a need for regular API server.

Note, that when in this mode, only kubectl get and kubectl patch will work. kubectl apply, kubectl edit or kubectl create will fail right now. This limitation might be addressed in the future.

To use created kubeconfig, run the command below in directory when you started KOSS:

export KUBECONFIG=$(pwd)/kubeconfig
You might also like...
⚙️ A k6 extension for Tarantool

xk6-tarantool This is a k6 extension using the xk6 system. ❗ This is a proof of concept, isn't supported by the k6 team, and may break in the future.

k6 prometheus output extension

xk6-prometheus A k6 extension implements Prometheus HTTP exporter as k6 output extension. Using xk6-prometheus output extension you can collect metric

General Pod Autoscaler(GPA) is a extension for K8s HPA, which can be used not only for serving, also for game.
General Pod Autoscaler(GPA) is a extension for K8s HPA, which can be used not only for serving, also for game.

Introduction General Pod Autoscaler(GPA) is a extension for K8s HPA, which can be used not only for serving, also for game. Features Compatible with a

A plugin for running Open Policy Agent (OPA) in AWS Lambda as a Lambda Extension.

opa-lambda-extension-plugin A custom plugin for running Open Policy Agent (OPA) in AWS Lambda as a Lambda Extension. To learn more about how Lambda Ex

k6 extension for InfluxDB v2

xk6-output-influxdb k6 extension for InfluxDB v2, it adds the support for the latest v2 version and the compatibility API for v1.8+. Why is this outpu

K6 extension that adds support for browser automation and end-to-end web testing using playwright-go
K6 extension that adds support for browser automation and end-to-end web testing using playwright-go

k6 extension that adds support for browser automation and end-to-end web testing using playwright-go

This is a K6 extension to be able to test using NATS protocol
This is a K6 extension to be able to test using NATS protocol

xk6-nats This is a k6 extension using the xk6 system, that allows to use NATS protocol. ❗ This is a proof of concept, isn't supported by the k6 team,

k6 extension to load test Apache Kafka with support for Avro messages and SASL Authentication

xk6-kafka This project is a k6 extension that can be used to load test Kafka, using a producer. Per each connection to Kafka, many messages can be sen

Owner
Mateusz Gozdek
Mateusz Gozdek
Helper sidecar for exposing Prometheus metrics as service

metrics-server-go Helper sidecar service for exposing prometheus metrics. Application expose endpoints to update defined metrics. Whats inside? The se

Sonu Jose 0 Feb 3, 2022
Netstat exporter - Prometheus exporter for exposing reserved ports and it's mapped process

Netstat exporter Prometheus exporter for exposing reserved ports and it's mapped

Amir Hamzah 0 Feb 3, 2022
Go package exposing a simple interface for executing commands, enabling easy mocking and wrapping of executed commands.

go-runner Go package exposing a simple interface for executing commands, enabling easy mocking and wrapping of executed commands. The Runner interface

Krystal 6 Jun 15, 2022
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration, and automating updates to configuration when there is new code to deploy.

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy.

Flux project 3.9k Sep 27, 2022
PolarDB-X Operator is a Kubernetes extension that aims to create and manage PolarDB-X cluster on Kubernetes.

GalaxyKube -- PolarDB-X Operator PolarDB-X Operator is a Kubernetes extension that aims to create and manage PolarDB-X cluster on Kubernetes. It follo

null 63 Sep 8, 2022
kubequery is a Osquery extension that provides SQL based analytics for Kubernetes clusters

kubequery powered by Osquery kubequery is a Osquery extension that provides SQL based analytics for Kubernetes clusters kubequery will be packaged as

Uptycs Inc 78 Sep 17, 2022
Client extension for interacting with Kubernetes clusters from your k6 tests.

⚠️ This is a proof of concept As this is a proof of concept, it won't be supported by the k6 team. It may also break in the future as xk6 evolves. USE

k6 19 Sep 8, 2022
Aws-secretsmanager-caching-extension - Cache server for AWS Secrets Manager

AWS Lambda Extension / Sidecar Container Cache Server The cache server is writte

CustomerGauge 6 Aug 12, 2022
A plugin for argo which behaves like I'd like

argocd-lovely-plugin An ArgoCD plugin to perform various manipulations in a sensible order to ultimately output YAML for Argo CD to put into your clus

null 89 Sep 27, 2022
network-node-manager is a kubernetes controller that controls the network configuration of a node to resolve network issues of kubernetes.

Network Node Manager network-node-manager is a kubernetes controller that controls the network configuration of a node to resolve network issues of ku

kakao 98 Sep 22, 2022