Home

Awesome

kube-lineage

build release kubernetes compatibility helm compatibility license

A CLI tool to display all dependencies or dependents of an object in a Kubernetes cluster.

Usage

$ kube-lineage clusterrole system:metrics-server --output=wide
NAMESPACE     NAME                                                               READY   STATUS    AGE   RELATIONSHIPS
              ClusterRole/system:metrics-server                                  -                 30m   []
              └── ClusterRoleBinding/system:metrics-server                       -                 30m   [ClusterRoleBindingRole]
kube-system       └── ServiceAccount/metrics-server                              -                 30m   [ClusterRoleBindingSubject]
kube-system           ├── Pod/metrics-server-7b4f8b595-8m7rz                     1/1     Running   30m   [PodServiceAccount]
kube-system           │   └── Service/metrics-server                             -                 30m   [Service]
                      │       ├── APIService/v1beta1.metrics.k8s.io              True              30m   [APIService]
kube-system           │       └── EndpointSlice.discovery/metrics-server-wb2cm   -                 30m   [ControllerReference OwnerReference]
kube-system           └── Secret/metrics-server-token-nqw85                      -                 30m   [ServiceAccountSecret]
kube-system               └── Pod/metrics-server-7b4f8b595-8m7rz                 1/1     Running   30m   [PodVolume]

Use either the --dependencies or -D flag to show dependencies instead of dependents

$ kube-lineage pod coredns-5cc79d4bf5-xgvkc --dependencies
NAMESPACE     NAME                                                                   READY   STATUS         AGE
kube-system   Pod/coredns-5cc79d4bf5-xgvkc                                           1/1     Running        30m
              ├── Node/k3d-server                                                    True    KubeletReady   30m
              ├── PodSecurityPolicy/system-unrestricted-psp                          -                      30m
kube-system   ├── ConfigMap/coredns                                                  -                      30m
kube-system   ├── ReplicaSet/coredns-5cc79d4bf5                                      1/1                    30m
kube-system   │   └── Deployment/coredns                                             1/1                    30m
kube-system   ├── Secret/coredns-token-6vsx4                                         -                      30m
kube-system   │   └── ServiceAccount/coredns                                         -                      30m
              │       ├── ClusterRoleBinding/system:basic-user                       -                      30m
              │       │   └── ClusterRole/system:basic-user                          -                      30m
              │       ├── ClusterRoleBinding/system:coredns                          -                      30m
              │       │   └── ClusterRole/system:coredns                             -                      30m
              │       ├── ClusterRoleBinding/system:discovery                        -                      30m
              │       │   └── ClusterRole/system:discovery                           -                      30m
              │       ├── ClusterRoleBinding/system:public-info-viewer               -                      30m
              │       │   └── ClusterRole/system:public-info-viewer                  -                      30m
kube-system   │       └── RoleBinding/system-unrestricted-svc-acct-psp-rolebinding   -                      30m
              │           └── ClusterRole/system-unrestricted-psp-role               -                      30m
              │               └── PodSecurityPolicy/system-unrestricted-psp          -                      30m
kube-system   └── ServiceAccount/coredns                                             -                      30m

Use the helm subcommand to display Helm release resources & optionally their respective dependents in a Kubernetes cluster.

$ kube-lineage helm kube-state-metrics -n monitoring-system
helm kube-state-metrics -n monitoring-system
NAMESPACE           NAME                                                             READY   STATUS     AGE
monitoring-system   kube-state-metrics                                               True    Deployed   25m
                    ├── ClusterRole/kube-state-metrics                               -                  25m
                    │   └── ClusterRoleBinding/kube-state-metrics                    -                  25m
monitoring-system   │       └── ServiceAccount/kube-state-metrics                    -                  25m
monitoring-system   │           ├── Pod/kube-state-metrics-7dff544777-jb2q2          1/1     Running    25m
monitoring-system   │           │   └── Service/kube-state-metrics                   -                  25m
monitoring-system   │           │       └── EndpointSlice/kube-state-metrics-rq8wk   -                  25m
monitoring-system   │           └── Secret/kube-state-metrics-token-bsr4q            -                  25m
monitoring-system   │               └── Pod/kube-state-metrics-7dff544777-jb2q2      1/1     Running    25m
                    ├── ClusterRoleBinding/kube-state-metrics                        -                  25m
monitoring-system   ├── Deployment/kube-state-metrics                                1/1                25m
monitoring-system   │   └── ReplicaSet/kube-state-metrics-7dff544777                 1/1                25m
monitoring-system   │       └── Pod/kube-state-metrics-7dff544777-jb2q2              1/1     Running    25m
monitoring-system   ├── Secret/sh.helm.release.v1.kube-state-metrics.v1              -                  25m
monitoring-system   ├── Service/kube-state-metrics                                   -                  25m
monitoring-system   └── ServiceAccount/kube-state-metrics

$ kube-lineage helm traefik --depth 1 --label-columns app.kubernetes.io/managed-by --label-columns owner
NAMESPACE     NAME                                       READY   STATUS     AGE   MANAGED-BY   OWNER
kube-system   traefik                                    True    Deployed   30m
              ├── ClusterRole/traefik                    -                  30m   Helm
              ├── ClusterRoleBinding/traefik             -                  30m   Helm
kube-system   ├── ConfigMap/traefik                      -                  30m   Helm
kube-system   ├── ConfigMap/traefik-test                 -                  30m   Helm
kube-system   ├── Deployment/traefik                     1/1                30m   Helm
kube-system   ├── Secret/sh.helm.release.v1.traefik.v1   -                  30m                helm
kube-system   ├── Secret/traefik-default-cert            -                  30m   Helm
kube-system   ├── Service/traefik                        -                  30m   Helm
kube-system   ├── Service/traefik-prometheus             -                  30m   Helm
kube-system   └── ServiceAccount/traefik                 -                  30m   Helm

Use either the split or split-wide output format to display resources grouped by their type.

$ kube-lineage deploy/coredns --output=split --show-group
NAME                      READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/coredns   3/3     3            3           30m

NAME                                            ADDRESSTYPE   PORTS        ENDPOINTS                          AGE
endpointslice.discovery.k8s.io/kube-dns-mz9bw   IPv4          53,9153,53   10.42.0.24,10.42.0.26,10.42.0.27   30m

NAME                           READY   STATUS    RESTARTS   AGE
pod/coredns-5cc79d4bf5-xgvkc   1/1     Running   0          30m
pod/coredns-5cc79d4bf5-rjc7d   1/1     Running   0          30m
pod/coredns-5cc79d4bf5-tt2zl   1/1     Running   0          30m

NAME                                 DESIRED   CURRENT   READY   AGE
replicaset.apps/coredns-5cc79d4bf5   3         3         3       30m

NAME               TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)                  AGE
service/kube-dns   ClusterIP   10.43.0.10   <none>        53/UDP,53/TCP,9153/TCP   30m

Flags

Flags for configuring relationship discovery parameters

FlagDescription
--all-namespaces, -AIf present, list object relationships across all namespaces
--dependencies, -DIf present, list object dependencies instead of dependents. <br/> Not supported in helm subcommand
--depth, -dMaximum depth to find relationships
--exclude-typesAccepts a comma separated list of resource types to exclude from relationship discovery. <br/> You can also use multiple flag options like --exclude-types type1 --exclude-types type2...
--include-typesAccepts a comma separated list of resource types to only include in relationship discovery. <br/> You can also use multiple flag options like --include-types type1 --include-types type2...
--scopes, -SAccepts a comma separated list of additional namespaces to find relationships. <br/> You can also use multiple flag options like -S namespace1 -S namespace2...

Flags for configuring output format

FlagDescription
--output, -oOutput format. One of: wide | split | split-wide
--label-columns, -LAccepts a comma separated list of labels that are going to be presented as columns. <br/> You can also use multiple flag options like -L label1 -L label2...
--no-headersWhen using the default output format, don't print headers
--show-groupIf present, include the resource group for the requested object(s)
--show-labelWhen printing, show all labels as the last column
--show-namespaceWhen printing, show namespace as the first column

Use the following commands to view the full list of supported flags

$ kube-lineage --help
$ kube-lineage helm --help

Supported Relationships

List of supported relationships used for discovering dependent objects:

Installation

Install via krew

$ kubectl krew install lineage

$ kubectl lineage --version

Install from Source

$ git clone git@github.com:tohjustin/kube-lineage.git && cd kube-lineage
$ make install

$ kube-lineage --version

Prior Art

kube-lineage has been inspired by the following projects: