Cleaning all(any) Pods older than *n days
Cleaning Pod is a pretty simple job by running the command kubectl delete pod --field-selector=status.phase==Succeeded but when the kubernetes cluster size is big and there are too many contributors, even deleting needs engineering!
A very simple utility to delete pods. Its designed as a cron job
Delete all Succeeded or Failed pods @ 11:00 am everyday
apiVersion: batch/v1
kind: CronJob
metadata:
name: podcleaner
namespace: default
labels:
app: podcleaner
spec:
schedule: "0 11 * * *"
failedJobsHistoryLimit: 5
successfulJobsHistoryLimit: 10
jobTemplate:
spec:
template:
spec:
restartPolicy: OnFailure
containers:
- name: podcleaner
imagePullPolicy: IfNotPresent
image: buntha/podcleaner:0.2
env:
- name: MAX_DAYS
value: "2"
- name: POD_STATUS
value: "Succeeded, Failed"
- name: K8S_CONFIG
value: "incluster"
- name: NAMESPACE
value: "default"- MAX_DAYS : Number of Days since the pod state
- POD_STATUS: Succeeded, Failed, Running
- NAMESPACE: Pass the desired namespace or all
- K8S_CONFIG: incluster or anything
This tiny project is fully inspired by https://github.com/dignajar/clean-pods but due to the kubernetes upgrade, the project is no more working, so I needed to change and create a new library.
Service account for the namespace demo with enoght permissions to list and delete pods.
Manifest service-account.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: demo-user
namespace: demo
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: demo-user-role
namespace: demo
rules:
- apiGroups: [""]
resources: ["pods","pods/exec","pods/log"]
verbs: ["*"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: demo-user
namespace: demo
subjects:
- kind: ServiceAccount
name: demo-user
namespace: demo
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: demo-user-role