From d04be6972d71f838b63cffeb6d27cb17ca73dfc5 Mon Sep 17 00:00:00 2001 From: Carlos Mendible Date: Mon, 11 Oct 2021 18:25:55 +0200 Subject: [PATCH 1/3] Query to check if Pods have Resources or Limits --- ...Check if Pods have Resources or Limits.kql | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql diff --git a/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql b/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql new file mode 100644 index 00000000..70235de7 --- /dev/null +++ b/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql @@ -0,0 +1,44 @@ +// Author: Microsoft Azure +// Display name: Check if Pods have Resources or Limits +// Description: Check if Pods have Resources or Limits. +// Categories: Containers,Azure Resources +// Resource types: Kubernetes services +// Solutions: ContainerInsights +// Topic: Diagnostics + +let podCounters = Perf + | where ObjectName == 'K8SContainer' and (CounterName == 'cpuLimitNanoCores' or CounterName == 'cpuRequestNanoCores' or CounterName == 'memoryLimitBytes' or CounterName == 'memoryRequestBytes') + | summarize d = make_bag(pack(CounterName, CounterValue)) by InstanceName + | evaluate bag_unpack(d); +let podResourcesAndLimits = podCounters + | extend InstanceNameParts = split(InstanceName, "/") + | extend PodUI = tostring(InstanceNameParts[(array_length(InstanceNameParts)-2)]) + | extend PodName = tostring(InstanceNameParts[(array_length(InstanceNameParts)-1)]) + | project PodUI, PodName, cpuLimitNanoCores, cpuRequestNanoCores, memoryLimitBytes, memoryRequestBytes; +let nodeCounters = Perf + | where ObjectName == "K8SNode" and (CounterName == 'cpuAllocatableNanoCores' or CounterName == 'cpuCapacityNanoCores' or CounterName == 'memoryAllocatableBytes' or CounterName == 'memoryCapacityBytes') + | summarize d = make_bag(pack(CounterName, CounterValue)) by InstanceName + | evaluate bag_unpack(d); +let nodeCapacity = nodeCounters + | extend InstanceNameParts = split(InstanceName, "/") + | extend Computer = tostring(InstanceNameParts[(array_length(InstanceNameParts)-1)]) + | project-away InstanceNameParts, InstanceName; +KubePodInventory + | distinct ClusterName, Computer, Namespace, ContainerName + | extend InstanceNameParts = split(ContainerName, "/") + | extend PodUI = tostring(InstanceNameParts[(array_length(InstanceNameParts)-2)]) + | extend PodName = tostring(InstanceNameParts[(array_length(InstanceNameParts)-1)]) + | project ClusterName, Computer, Namespace, PodUI, PodName + | join kind= leftouter (nodeCapacity) on Computer + | join kind= leftouter (podResourcesAndLimits) on PodUI, PodName + // Pods without CPU Requests. If container cpu resource requests are not specified, cpuRequestNanoCores metric will not be collected + | extend CPURequests = isnotnull(cpuRequestNanoCores) + // Pods without CPU Limits. If container resource limits are not specified, node's capacity will be rolled-up as container's limit + | extend CPULimits = cpuAllocatableNanoCores != cpuLimitNanoCores + // Pods without Memory Requests. If container memory resource requests are not specified, memoryRequestBytes metric will not be collected + | extend MemoryRequests = isnotnull(memoryRequestBytes) + // Pods without Memory Limits. If container resource limits are not specified, node's capacity will be rolled-up as container's limit + | extend MemoryLimits = memoryAllocatableBytes != memoryLimitBytes + | distinct ClusterName, Namespace, PodName, CPURequests, CPULimits, MemoryRequests, MemoryLimits + | where not(CPURequests) or not(CPULimits) or not(MemoryRequests) or not(MemoryLimits) + | project ClusterName, Namespace, PodName, CPURequests, CPULimits, MemoryRequests, MemoryLimits From 35d79b69e1b18ab41e52227ce435a31335f58fba Mon Sep 17 00:00:00 2001 From: Carlos Mendible Date: Sat, 16 Oct 2021 02:01:26 +0200 Subject: [PATCH 2/3] Fixed name --- ...mits.kql => Check if Pods have Requests or Limits.kql} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename Azure Services/Kubernetes services/Queries/Diagnostics/{Check if Pods have Resources or Limits.kql => Check if Pods have Requests or Limits.kql} (93%) diff --git a/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql b/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Requests or Limits.kql similarity index 93% rename from Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql rename to Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Requests or Limits.kql index 70235de7..fc48f55c 100644 --- a/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Resources or Limits.kql +++ b/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Requests or Limits.kql @@ -1,6 +1,6 @@ // Author: Microsoft Azure -// Display name: Check if Pods have Resources or Limits -// Description: Check if Pods have Resources or Limits. +// Display name: Check if Pods have Requests or Limits +// Description: Check if Pods have Requests or Limits. // Categories: Containers,Azure Resources // Resource types: Kubernetes services // Solutions: ContainerInsights @@ -10,7 +10,7 @@ let podCounters = Perf | where ObjectName == 'K8SContainer' and (CounterName == 'cpuLimitNanoCores' or CounterName == 'cpuRequestNanoCores' or CounterName == 'memoryLimitBytes' or CounterName == 'memoryRequestBytes') | summarize d = make_bag(pack(CounterName, CounterValue)) by InstanceName | evaluate bag_unpack(d); -let podResourcesAndLimits = podCounters +let podRequestsAndLimits = podCounters | extend InstanceNameParts = split(InstanceName, "/") | extend PodUI = tostring(InstanceNameParts[(array_length(InstanceNameParts)-2)]) | extend PodName = tostring(InstanceNameParts[(array_length(InstanceNameParts)-1)]) @@ -30,7 +30,7 @@ KubePodInventory | extend PodName = tostring(InstanceNameParts[(array_length(InstanceNameParts)-1)]) | project ClusterName, Computer, Namespace, PodUI, PodName | join kind= leftouter (nodeCapacity) on Computer - | join kind= leftouter (podResourcesAndLimits) on PodUI, PodName + | join kind= leftouter (podRequestsAndLimits) on PodUI, PodName // Pods without CPU Requests. If container cpu resource requests are not specified, cpuRequestNanoCores metric will not be collected | extend CPURequests = isnotnull(cpuRequestNanoCores) // Pods without CPU Limits. If container resource limits are not specified, node's capacity will be rolled-up as container's limit From a137ed7df15ddbd184c21414ef828e79bded22e9 Mon Sep 17 00:00:00 2001 From: cmendible Date: Mon, 28 Mar 2022 15:07:17 +0200 Subject: [PATCH 3/3] Changed display name and description --- ...ts.kql => Detect Pods with missing Requests or Limits.kql} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename Azure Services/Kubernetes services/Queries/Diagnostics/{Check if Pods have Requests or Limits.kql => Detect Pods with missing Requests or Limits.kql} (96%) diff --git a/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Requests or Limits.kql b/Azure Services/Kubernetes services/Queries/Diagnostics/Detect Pods with missing Requests or Limits.kql similarity index 96% rename from Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Requests or Limits.kql rename to Azure Services/Kubernetes services/Queries/Diagnostics/Detect Pods with missing Requests or Limits.kql index fc48f55c..ad3205d2 100644 --- a/Azure Services/Kubernetes services/Queries/Diagnostics/Check if Pods have Requests or Limits.kql +++ b/Azure Services/Kubernetes services/Queries/Diagnostics/Detect Pods with missing Requests or Limits.kql @@ -1,6 +1,6 @@ // Author: Microsoft Azure -// Display name: Check if Pods have Requests or Limits -// Description: Check if Pods have Requests or Limits. +// Display name: Detect Pods with missing Requests or Limits +// Description: Detect Pods with missing Requests or Limits. // Categories: Containers,Azure Resources // Resource types: Kubernetes services // Solutions: ContainerInsights