2019-06-15 22:38:05 +00:00
|
|
|
rules:
|
2019-06-16 00:25:47 +00:00
|
|
|
- name: kubernetes-resources
|
2019-06-16 00:43:01 +00:00
|
|
|
desc: containers must have complete resources specified
|
2019-06-15 22:38:05 +00:00
|
|
|
level: info
|
|
|
|
tags:
|
|
|
|
- cluster-health
|
|
|
|
- important
|
|
|
|
|
2019-06-16 00:25:47 +00:00
|
|
|
select: '$.spec.template.spec.containers[*]'
|
|
|
|
filter:
|
|
|
|
type: object
|
2019-06-15 22:38:05 +00:00
|
|
|
|
2019-06-16 00:25:47 +00:00
|
|
|
check:
|
2019-06-15 22:38:05 +00:00
|
|
|
type: object
|
|
|
|
additionalProperties: true
|
|
|
|
required: [resources]
|
|
|
|
properties:
|
|
|
|
resources:
|
|
|
|
type: object
|
|
|
|
required: [limits, requests]
|
|
|
|
properties:
|
|
|
|
limits:
|
|
|
|
type: object
|
|
|
|
required: [cpu, memory]
|
|
|
|
properties:
|
2019-06-16 01:53:20 +00:00
|
|
|
cpu: &resources-cpu
|
|
|
|
oneOf:
|
|
|
|
- type: number
|
|
|
|
- type: string
|
|
|
|
pattern: "[1-9][0-9]*m"
|
|
|
|
memory: &resources-memory
|
|
|
|
oneOf:
|
|
|
|
- type: number
|
|
|
|
- type: string
|
|
|
|
pattern: "[1-9][0-9]*[KMG]i"
|
2019-06-15 22:38:05 +00:00
|
|
|
requests:
|
|
|
|
type: object
|
|
|
|
required: [cpu, memory]
|
|
|
|
properties:
|
2019-06-16 01:53:20 +00:00
|
|
|
cpu: *resources-cpu
|
|
|
|
memory: *resources-memory
|
2019-06-16 00:25:47 +00:00
|
|
|
|
|
|
|
- name: kubernetes-resources-minimum-cpu
|
|
|
|
desc: resource limits are too low
|
|
|
|
level: debug
|
|
|
|
tags:
|
|
|
|
- optional
|
|
|
|
|
|
|
|
select: '$.spec.template.spec.containers[*].resources'
|
|
|
|
filter:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
limits:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
cpu:
|
|
|
|
type: string
|
|
|
|
pattern: "[0-9]{1,3}m"
|
|
|
|
|
|
|
|
check:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
limits:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
cpu:
|
|
|
|
type: string
|
2019-06-16 01:53:39 +00:00
|
|
|
pattern: "[0-9]{3}m"
|
|
|
|
|
|
|
|
- name: kubernetes-deployment-replicas
|
|
|
|
desc: deployments must specify a replica count
|
|
|
|
level: info
|
|
|
|
tags:
|
|
|
|
- important
|
|
|
|
|
|
|
|
select: '$'
|
|
|
|
filter:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
kind:
|
|
|
|
type: string
|
|
|
|
const: Deployment
|
|
|
|
|
|
|
|
check:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
spec:
|
|
|
|
type: object
|
|
|
|
properties:
|
|
|
|
replica:
|
|
|
|
type: number
|
|
|
|
minimum: 1
|