steampipe plugin install oci

Table: oci_container_instances_container - Query OCI Container Engine for Kubernetes Container using SQL

OCI Container Engine for Kubernetes (OKE) is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use OKE when your development team wants to reliably build, deploy, and manage cloud-native applications. You specify the compute resources that your applications require, and OKE provisions and manages the underlying compute instances for you.

Table Usage Guide

The oci_container_instances_container table provides insights into the OCI Container Engine for Kubernetes Containers. As a DevOps engineer, you can use this table to explore details of your containerized applications, including the compute resources they require and how OKE manages these resources. Use this table to monitor the deployment and management of your cloud-native applications and ensure they are running optimally.

Examples

Basic info

Explore which container instances are currently active and when they were created to gain insights into your OCI Container Instances' lifecycle and availability. This can help identify instances that may require updates or maintenance.

select
display_name,
id,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container;
select
display_name,
id,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container;

List failed containers

Uncover the details of containers that have failed. This assists in identifying and addressing issues that may be causing the failure, improving overall system performance and stability.

select
display_name,
id,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container
where
lifecycle_state = 'FAILED';
select
display_name,
id,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container
where
lifecycle_state = 'FAILED';

Get resource config details for containers

Explore the configuration details of your container resources to understand their current lifecycle state and capacity limits in terms of virtual CPUs and memory. This can help in managing and optimizing resource use within your cloud environment.

select
display_name,
lifecycle_state,
resource_config ->> 'vcpusLimit' as vcpus_limit,
resource_config ->> 'memoryLimitInGBs' as memory_limit_in_gbs
from
oci_container_instances_container;
select
display_name,
lifecycle_state,
json_extract(resource_config, '$.vcpusLimit') as vcpus_limit,
json_extract(resource_config, '$.memoryLimitInGBs') as memory_limit_in_gbs
from
oci_container_instances_container;

List containers where the resource principal is disabled

Discover the segments that have their resource principal disabled. This is useful for identifying potential security risks and ensuring that all resources are properly managed.

select
display_name,
id,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container
where
is_resource_principal_disabled;
select
display_name,
id,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container
where
is_resource_principal_disabled = 1;

Get volume mount details for containers

Explore the configuration of your container's volume mounts to understand their lifecycle state and access permissions. This can help manage storage resources effectively and ensure proper security measures are in place.

select
display_name,
lifecycle_state,
vm ->> 'mountPath' as mount_path,
vm ->> 'volumeName' as volume_name,
vm ->> 'subPath' as sub_path,
vm ->> 'isReadOnly' as is_read_only,
vm ->> 'partition' as partition
from
oci_container_instances_container,
jsonb_array_elements(volume_mounts) as vm;
select
display_name,
lifecycle_state,
json_extract(vm.value, '$.mountPath') as mount_path,
json_extract(vm.value, '$.volumeName') as volume_name,
json_extract(vm.value, '$.subPath') as sub_path,
json_extract(vm.value, '$.isReadOnly') as is_read_only,
json_extract(vm.value, '$.partition') as partition
from
oci_container_instances_container,
json_each(volume_mounts) as vm;

Get health check details for containers

Explore the health status of your containers to ensure they are functioning optimally. This query is particularly useful for maintaining system performance and identifying any potential issues early.

select
display_name,
availability_domain,
lifecycle_state,
time_created,
image_url,
jsonb_pretty(health_checks) as health_checks
from
oci_container_instances_container;
select
display_name,
availability_domain,
lifecycle_state,
time_created,
image_url,
health_checks
from
oci_container_instances_container;

List containers which does not have any environment variables

Discover the segments that have containers without any environment variables set, which could be crucial for certain applications to function correctly. This query enables you to assess the elements within your infrastructure that might need additional configuration for optimal performance.

select
display_name,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container
where
environment_variables is null;
select
display_name,
availability_domain,
lifecycle_state,
time_created,
image_url
from
oci_container_instances_container
where
environment_variables is null;

List details of the instance to which the container is connected

Uncover the details of your container's associated instance, such as its name, availability domain, lifecycle state, and creation time. This is useful to understand the operational context and status of your container within the Oracle Cloud Infrastructure (OCI) environment.

select
c.display_name as container_name,
i.id as instance_id,
i.display_name as instance_name,
i.availability_domain as instance_availability_domain,
i.lifecycle_state as instance_lifecycle_state,
i.time_created instance_create_time
from
oci_container_instances_container as c,
oci_container_instances_container_instance as i
where
c.container_instance_id = i.id;
select
c.display_name as container_name,
i.id as instance_id,
i.display_name as instance_name,
i.availability_domain as instance_availability_domain,
i.lifecycle_state as instance_lifecycle_state,
i.time_created instance_create_time
from
oci_container_instances_container as c
join oci_container_instances_container_instance as i on c.container_instance_id = i.id;

Schema for oci_container_instances_container

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
additional_capabilitiesjsonbA list of additional configurable container capabilities.
argumentsjsonbA list of string arguments for a Container's entrypoint process.
availability_domaintext=Availability Domain where the Container's Instance is running.
commandjsonbThis command will override the container's entrypoint process. If not specified, the existing entrypoint process defined in the image will be used.
compartment_idtext=The OCID of the compartment in Tenant in which the resource is located.
container_instance_idtext=The identifier of the Container Instance on which this container is running.
container_restart_attempt_countbigintThe number of container restart attempts. A restart may be attempted after a health check failure or a container exit, based on the restart policy.
defined_tagsjsonbDefined tags for resource. Defined tags are set up in your tenancy by an administrator. Only users granted permission to work with the defined tags can apply them to resources.
display_nametext=isplay name for the Container. Can be renamed.
environment_variablesjsonbA map of additional environment variables to set in the environment of the container's entrypoint process. These variables are in addition to any variables already defined in the container's image.
exit_codebigintThe exit code of the container process if it has stopped executing.
fault_domaintextFault Domain where the ContainerInstance is running.
freeform_tagsjsonbFree-form tags for resource. This tags can be applied by any user with permissions on the resource.
health_checksjsonbList of container health checks.
idtext=Unique identifier that is immutable on creation.
image_urltextThe container image information. Currently only support public docker registry. Can be either image name, e.g `containerImage`, image name with version, e.g `containerImage:v1` or complete docker image Url e.g `docker.io/library/containerImage:latest`. If no registry is provided, will default the registry to public docker hub `docker.io/library`. The registry used for container image must be reachable over the Container Instance's VNIC.
is_resource_principal_disabledbooleanDetermines if the Container will have access to the Container Instance Resource Principal.
lifecycle_detailstextA message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.
lifecycle_statetext=The current state of the Container.
regiontextThe OCI region in which the resource is located.
resource_configjsonbThe resource config of the Container.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
system_tagsjsonbSystem tags for resource. System tags can be viewed by users, but can only be created by the system.
tagsjsonbA map of tags for the resource.
tenant_idtext=, !=, ~~, ~~*, !~~, !~~*The OCID of the Tenant in which the resource is located.
time_createdtimestamp with time zoneThe time the the Container was created.
time_terminatedtimestamp with time zoneTime at which the container last terminated.
time_updatedtimestamp with time zoneThe time the Container was updated.
titletextTitle of the resource.
volume_mountsjsonbList of the volume mounts.
working_directorytextThe working directory within the Container's filesystem for the Container process. If this is not present, the default working directory from the image will be used.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci

You can pass the configuration to the command with the --config argument:

steampipe_export_oci --config '<your_config>' oci_container_instances_container