Skip to content
/ kor Public
forked from yonahd/kor

A Golang Tool to discover unused Kubernetes Resources

License

MIT license
0 stars 97 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

patricktalmeida/kor

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits
.github
.github
 
 
cmd/kor
cmd/kor
 
 
images
images
 
 
pkg/kor
pkg/kor
 
 
.gitignore
.gitignore
 
 
.goreleaser.yml
.goreleaser.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

GitHub go.mod Go version (subdirectory of monorepo) GitHub release (with filter)

Kor - Kubernetes Orphaned Resources Finder

Kor is a tool to discover unused Kubernetes resources. Currently, Kor can identify and list unused:

  • ConfigMaps
  • Secrets.
  • Services
  • ServiceAccounts
  • Deployments
  • StatefulSets
  • Roles
  • Hpas
  • Pvcs
  • Ingresses
  • Pdbs

Kor Screenshot

Installation

Download the binary for your operating system from the releases page and add it to your system's PATH.

For MacOS users, you can install Kor using Homebrew:

brew install kor

Usage

Kor provides various subcommands to identify and list unused resources. The available commands are:

  • all: Gets all unused resources for the specified namespace or all namespaces.
  • configmap: Gets unused configmaps for the specified namespace or all namespaces.
  • secret: Gets unused secrets for the specified namespace or all namespaces.
  • services: Gets unused services for the specified namespace or all namespaces.
  • serviceaccount: Gets unused service accounts for the specified namespace or all namespaces.
  • deployments: Gets unused service accounts for the specified namespace or all namespaces.
  • statefulsets: Gets unused service accounts for the specified namespace or all namespaces.
  • role: Gets unused roles for the specified namespace or all namespaces.
  • hpa: Gets unused hpa for the specified namespace or all namespaces.
  • pvc: Gets unused pvcs for the specified namespace or all namespaces.
  • ingress: Gets unused ingresses for the specified namespace or all namespaces.
  • pdb: Gets unused pdbs for the specified namespace or all namespaces.

Supported Flags

-e, --exclude-namespaces string   Namespaces to be excluded, splited by comma. Example: --exclude-namespace ns1,ns2,ns3. If --include-namespace is set, --exclude-namespaces will be ignored.
-h, --help                        help for kor
-n, --include-namespaces string   Namespaces to run on, splited by comma. Example: --include-namespace ns1,ns2,ns3. 
-k, --kubeconfig string           Path to kubeconfig file (optional)
    --output string               Output format (table or json) (default "table")

To use a specific subcommand, run kor [subcommand] [flags].

kor all --namespace my-namespace

For more information about each subcommand and its available flags, you can use the --help flag.

kor [subcommand] --help

Supported resources and limitations

Resource What it looks for Known False Positives ⚠️
Configmaps Configmaps not used in the following places:
- Pods
- Containers
- Configmaps used through volumes
- Configmaps used through environment variables		 Configmaps used by resources which don't explicitly state them in the config.
e.g Grafana dashboards loaded dynamically opa policies fluentd configs
Secrets Secrets not used in the following places:
- Pods
- Containers
- Secrets used through volumes
- Secrets used through environment variables
- Secrets used by ingress TLS
-Secrets used by ServiceAccounts		 Secrets used by resources which don't explicitly state them in the config
Services Services with no endpoints
Deployments Deployments with 0 Replicas
ServiceAccounts ServiceAccounts unused by pods
ServiceAccounts unused by roleBinding or clusterRoleBinding
StatefulSets Statefulsets with 0 Replicas
Roles Roles not used in roleBinding
Pvcs Pvcs not used in pods
Ingresses Ingresses not pointing at any service.
Hpas Hpas not used in Deployments
Hpas not used in StatefulSets
Pdbs Pdbs not used in Deployments
Pdbs not used in StatefulSets

Ignore Resources

The resources labeled with "kor/used = true" will be ignored by kor even if they are unused. You can add this label to resources you want to ignore.

Import Option

You can also use kor as a Go library to programmatically discover unused resources. By importing the github.com/yonahd/kor/pkg/kor package, you can call the relevant functions to retrieve unused resources. The library provides the option to get the results in JSON format by specifying the outputFormat parameter.

import (
    "github.com/yonahd/kor/pkg/kor"
)



func main() {
    myNamespaces := kor.IncludeExcludeLists{
        IncludeListStr: "my-namespace1, my-namespace2",
    }
    outputFormat := "json" // Set to "json" for JSON output

    if outputFormat == "json" {
        jsonResponse, err := kor.GetUnusedDeploymentsStructured(myNamespaces, kubeconfig, "json")
        if err != nil {
            // Handle error
        }
        // Process the JSON response
        // ...
    } else {
        kor.GetUnusedDeployments(namespace)
    }
}

Contributing

Contributions are welcome! If you encounter any bugs or have suggestions for improvements, please open an issue in the issue tracker.

License

This project is open-source and available under the MIT License. Feel free to use, modify, and distribute it as per the terms of the license.

About

A Golang Tool to discover unused Kubernetes Resources

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Go 100.0%