hjacobs/kube-janitor

Not iterating over all namespaces

ghostsquad opened this issue · 2 comments

ghostsquad commented

It looks like this is not iterating over all namespaces.

I see this

[kube-janitor-7cc797f987-5pgjz] 2020-05-04 00:26:44,482 INFO: Clean up run completed: resources-processed=3012

and looking over the previous logs, it just looked at resources in the namespace it's deployed in (kube-system)

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: kube-janitor
    version: 20.4.0
  name: kube-janitor
  namespace: kube-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app: kube-janitor
  template:
    metadata:
      labels:
        app: kube-janitor
        version: 20.4.0
    spec:
      containers:
      - args:
        - --dry-run
        - --debug
        - --interval=60
        image: hjacobs/kube-janitor:20.4.0
        name: janitor
        resources:
          limits:
            cpu: 500m
            memory: 110Mi
          requests:
            cpu: 5m
            memory: 100Mi
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
      serviceAccountName: kube-janitor
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  labels:
    app: kube-janitor
  name: kube-janitor
rules:
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
- apiGroups:
  - '*'
  resources:
  - '*'
  verbs:
  - get
  - watch
  - list
  - delete

Not sure why

ghostsquad commented 
[kube-janitor-7cc797f987-5pgjz] 2020-05-04 01:14:49,930 DEBUG: Starting new HTTPS connection (1): 172.20.0.1
[kube-janitor-7cc797f987-5pgjz] 2020-05-04 01:14:49,941 DEBUG: https://172.20.0.1:443 "GET /api/v1/namespaces HTTP/1.1" 200 None
[kube-janitor-7cc797f987-5pgjz] 2020-05-04 01:14:49,943 DEBUG: Skipping Namespace kube-system
[kube-janitor-7cc797f987-5pgjz] 2020-05-04 01:14:49,945 DEBUG: https://172.20.0.1:443 "GET /api/v1/ HTTP/1.1" 200 None
[kube-janitor-7cc797f987-5pgjz] 2020-05-04 01:14:49,973 DEBUG: https://172.20.0.1:443 "GET /api/v1/configmaps HTTP/1.1" 200 None
[kube-janitor-7cc797f987-5pgjz] 2020-05-04 01:14:49,986 DEBUG: Skipping ConfigMap kube-system/aws-auth
...
ghostsquad commented

The logs are a bit misleading it seems.. possibly related to #36

It explicitly logs what it's skipping, but doesn't log what it's iterating over (even with the --debug flag set)