• Python based Kubernetes Resource (CPU and RAM) Limits REST Service
  • Quick Start
    • Ingress
  • Building
  • Pushing the build to a registry
• Testing
• References

Python based Kubernetes Resource (CPU and RAM) Limits REST Service

The is a Python application exposing a REST API that simplifies the collection of CPU and RAM Node stats from a Kubernetes cluster. This application is intended to be deployed inside a Kubernetes cluster

If you intend to use this project, you also have to install the Kubernetes Metrics Server in your target cluster.

This project is referred to in my blog with the first reference in the article of 2022-04-16.

Quick Start

Since this application is intended for running in a Kubernetes cluster, and a prebuilt image is available on Docker Hub, you can deploy this application quickly with the following commands:

kubectl create namespace pykles

kubectl apply -f https://raw.githubusercontent.com/nicc777/pykles/main/kubernetes_manifests/pykles.yaml -n pykles

Important: The default configuration above uses the equivalent of administrator privileges for the ServiceAccount.

To deploy the same applications with least privileged access, run the following command:

kubectl apply -f https://raw.githubusercontent.com/nicc777/pykles/main/kubernetes_manifests/pykles_least_privileged.yaml -n pykles

Ingress

Only expose the API service to the outside world if you use the least privileged configuration shown above.

Below is an example manifest that was tested with Traefik Proxy acting as Ingress Controller:

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: pykles-ingress
  namespace: pykles
  annotations:
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.middlewares: pykles-pykles-stripprefix@kubernetescrd
spec:
  rules:
    - host: example.tld
      http:
        paths:
          - path: /pykles
            pathType: Prefix
            backend:
              service:
                name:  pykles-app-service
                port:
                  number: 8099
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: pykles-stripprefix
  namespace: pykles
spec:
  stripPrefix:
    prefixes:
    - /pykles
    forceSlash: false

Building

The Python application is build using Docker and can be done with the command below:

docker build --no-cache -t pykles .

Pushing the build to a registry

Create the following environment variables:

• REGISTRY_URL - contains the ECR or similar Docker container registry URL
• VERSION_TAG - The version number, for example 1.0
• APP_TAG - The application tag, for example node_explorer_rest
• LOCAL_IMAGE_ID - The ID of the local container image to use as reference

Get the latest image:

docker image list

Update the environment variable LOCAL_IMAGE_ID

Then tag and push:

docker tag $LOCAL_IMAGE_ID $REGISTRY_URL/$APP_TAG\:latest
docker tag $LOCAL_IMAGE_ID $REGISTRY_URL/$APP_TAG\:$VERSION_TAG
docker push $REGISTRY_URL/$APP_TAG\:latest
docker push $REGISTRY_URL/$APP_TAG\:$VERSION_TAG

Testing

Set the $INGRESS_DOMAIN to whatever the domain or IP address of your Ingress is. Then, to get the basic Node statistics, run:

curl -k https://$INGRESS_DOMAIN/pykles/

Note: The -k switch is just not to validate certificates. Adjust to suit your needs.

Other notable endpoints, relative to https://$INGRESS_DOMAIN/pykles URL:

• /probes - Point your readiness and liveness probes to this URL
• /pod-metrics - Presents POD metrics

References

Some other related information from around the Internet:

• The Python Client for Kubernetes (GitHub)
• The kubectl top command reference, which is a good command line alternative to get the same information