helm_charthelm_releasehelm_templatehelm_template_renderedhelm_valuekubernetes_cluster_rolekubernetes_cluster_role_bindingkubernetes_config_mapkubernetes_cronjobkubernetes_custom_resource_definitionkubernetes_daemonsetkubernetes_deploymentkubernetes_endpointkubernetes_endpoint_slicekubernetes_eventkubernetes_horizontal_pod_autoscalerkubernetes_ingresskubernetes_jobkubernetes_limit_rangekubernetes_namespacekubernetes_network_policykubernetes_nodekubernetes_persistent_volumekubernetes_persistent_volume_claimkubernetes_podkubernetes_pod_disruption_budgetkubernetes_pod_security_policykubernetes_pod_templatekubernetes_replicasetkubernetes_replication_controllerkubernetes_resource_quotakubernetes_rolekubernetes_role_bindingkubernetes_secretkubernetes_servicekubernetes_service_accountkubernetes_stateful_setkubernetes_storage_classkubernetes_{custom_resource_singular_name}
Table: kubernetes_service - Query Kubernetes Services using SQL
Kubernetes Service is a resource within Kubernetes that is used to expose an application running on a set of Pods. The set of Pods targeted by a Service is determined by a Label Selector. It provides the abstraction of a logical set of Pods and a policy by which to access them, often referred to as micro-services.
Table Usage Guide
The kubernetes_service table offers insights into the services within a Kubernetes cluster. As a DevOps engineer, you can probe service-specific details through this table, including service configurations, status, and associated metadata. Use it to discover information about services, such as those with specific selectors, the type of service, and the ports exposed by the service.
Examples
Basic Info - kubectl describe service --all-namespaces columns
Analyze the settings of your Kubernetes services to understand their organization and longevity. This query is useful for gaining insights into how your services are distributed across namespaces, their types, and how long they have been active.
select name, namespace, type, cluster_ip, age(current_timestamp, creation_timestamp)from kubernetes_serviceorder by namespace, name;select name, namespace, type, cluster_ip, strftime('%s', 'now') - strftime('%s', creation_timestamp) as agefrom kubernetes_serviceorder by namespace, name;List manifest resources
Analyze the settings to understand the distribution of resources within a Kubernetes cluster. This can help to identify instances where resources are not properly allocated, improving the efficiency of the cluster.
select name, namespace, type, cluster_ip, pathfrom kubernetes_servicewhere path is not nullorder by namespace, name;select name, namespace, type, cluster_ip, pathfrom kubernetes_servicewhere path is not nullorder by namespace, name;Query examples
- cluster_services_count
- deployments_for_service
- ingresses_for_service
- namespace_service_count
- namespace_service_table
- pods_for_service
- replicasets_for_service
- service_1_year_count
- service_24_hours_count
- service_30_90_days_count
- service_30_days_count
- service_90_365_days_count
- service_age_table
- service_annotations
- service_by_context
- service_by_context_name
- service_by_creation_month
- service_by_namespace
- service_by_type
- service_count
- service_default_namespace
- service_default_namespace_count
- service_input
- service_ip_details
- service_labels
- service_overview
- service_pods_detail
- service_ports
- service_tree
- service_type
- services_for_deployment
- services_for_namespace
- services_for_replicaset
- services_for_statefulset
- statefulsets_for_service
Control examples
Schema for kubernetes_service
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| allocate_load_balancer_node_ports | boolean | Indicates whether NodePorts will be automatically allocated for services with type LoadBalancer, or not. | |
| annotations | jsonb | Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. | |
| cluster_ip | text | IP address of the service and is usually assigned randomly. | |
| cluster_ips | jsonb | A list of IP addresses assigned to this service, and are usually assigned randomly. | |
| context_name | text | Kubectl config context name. | |
| creation_timestamp | timestamp with time zone | CreationTimestamp is a timestamp representing the server time when this object was created. | |
| deletion_grace_period_seconds | bigint | Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. | |
| deletion_timestamp | timestamp with time zone | DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. | |
| end_line | bigint | The path to the manifest file. | |
| external_ips | jsonb | A list of IP addresses for which nodes in the cluster will also accept traffic for this service. | |
| external_name | text | The external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). | |
| external_traffic_policy | text | Denotes whether the service desires to route external traffic to node-local or cluster-wide endpoints. | |
| finalizers | jsonb | Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. | |
| generate_name | text | GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. | |
| generation | bigint | A sequence number representing a specific generation of the desired state. | |
| health_check_node_port | bigint | Specifies the healthcheck nodePort for the service. | |
| ip_families | jsonb | A list of IP families (e.g. IPv4, IPv6) assigned to this service, and is gated by the 'IPv6DualStack' feature gate. | |
| ip_family_policy | text | Specifies the dual-stack-ness requested or required by this service, and is gated by the 'IPv6DualStack' feature gate. | |
| labels | jsonb | Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. | |
| load_balancer_ingress | jsonb | A list containing ingress points for the load-balancer. | |
| load_balancer_ip | inet | The IP specified when the load balancer was created. | |
| load_balancer_source_ranges | jsonb | A list of source ranges that will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. | |
| name | text | Name of the object. Name must be unique within a namespace. | |
| namespace | text | Namespace defines the space within which each name must be unique. | |
| owner_references | jsonb | List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. | |
| path | text | The path to the manifest file. | |
| ports | jsonb | A list of ports that are exposed by this service. | |
| publish_not_ready_addresses | boolean | Indicates that any agent which deals with endpoints for this service should disregard any indications of ready/not-ready. | |
| resource_version | text | An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. | |
| selector | jsonb | Route service traffic to pods with label keys and values matching this selector. | |
| selector_query | text | A query string representation of the selector. | |
| session_affinity | text | Supports 'ClientIP' and 'None'. Used to maintain session affinity. | |
| session_affinity_client_ip_timeout | bigint | Specifies the ClientIP type session sticky time in seconds. | |
| source_type | text | The source of the resource. Possible values are: deployed and manifest. If the resource is fetched from the spec file the value will be manifest. | |
| start_line | bigint | The path to the manifest file. | |
| tags | jsonb | A map of tags for the resource. This includes both labels and annotations. | |
| title | text | Title of the resource. | |
| topology_keys | jsonb | A preference-order list of topology keys which implementations of services should use to preferentially sort endpoints when accessing this Service, it can not be used at the same time as externalTrafficPolicy=Local. | |
| type | text | Type determines how the Service is exposed. | |
| uid | text | UID is the unique in time and space value for this object. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- kubernetesYou can pass the configuration to the command with the --config argument:
steampipe_export_kubernetes --config '<your_config>' kubernetes_service