steampipe plugin install ocisteampipe plugin install oci

Table: oci_container_instances_container - Query OCI Container Engine for Kubernetes Container using SQL

OCI Container Engine for Kubernetes (OKE) is a fully-managed, scalable, and highly available service that you can use to deploy your containerized applications to the cloud. Use OKE when your development team wants to reliably build, deploy, and manage cloud-native applications. You specify the compute resources that your applications require, and OKE provisions and manages the underlying compute instances for you.

Table Usage Guide

The oci_container_instances_container table provides insights into the OCI Container Engine for Kubernetes Containers. As a DevOps engineer, you can use this table to explore details of your containerized applications, including the compute resources they require and how OKE manages these resources. Use this table to monitor the deployment and management of your cloud-native applications and ensure they are running optimally.

Examples

Basic info

Explore which container instances are currently active and when they were created to gain insights into your OCI Container Instances' lifecycle and availability. This can help identify instances that may require updates or maintenance.

select
  display_name,
  id,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container;

select
  display_name,
  id,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container;

List failed containers

Uncover the details of containers that have failed. This assists in identifying and addressing issues that may be causing the failure, improving overall system performance and stability.

select
  display_name,
  id,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container
where
  lifecycle_state = 'FAILED';

select
  display_name,
  id,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container
where
  lifecycle_state = 'FAILED';

Get resource config details for containers

Explore the configuration details of your container resources to understand their current lifecycle state and capacity limits in terms of virtual CPUs and memory. This can help in managing and optimizing resource use within your cloud environment.

select
  display_name,
  lifecycle_state,
  resource_config ->> 'vcpusLimit' as vcpus_limit,
  resource_config ->> 'memoryLimitInGBs' as memory_limit_in_gbs
from
  oci_container_instances_container;

select
  display_name,
  lifecycle_state,
  json_extract(resource_config, '$.vcpusLimit') as vcpus_limit,
  json_extract(resource_config, '$.memoryLimitInGBs') as memory_limit_in_gbs
from
  oci_container_instances_container;

List containers where the resource principal is disabled

Discover the segments that have their resource principal disabled. This is useful for identifying potential security risks and ensuring that all resources are properly managed.

select
  display_name,
  id,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container
where
  is_resource_principal_disabled;

select
  display_name,
  id,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container
where
  is_resource_principal_disabled = 1;

Get volume mount details for containers

Explore the configuration of your container's volume mounts to understand their lifecycle state and access permissions. This can help manage storage resources effectively and ensure proper security measures are in place.

select
  display_name,
  lifecycle_state,
  vm ->> 'mountPath' as mount_path,
  vm ->> 'volumeName' as volume_name,
  vm ->> 'subPath' as sub_path,
  vm ->> 'isReadOnly' as is_read_only,
  vm ->> 'partition' as partition
from
  oci_container_instances_container,
  jsonb_array_elements(volume_mounts) as vm;

select
  display_name,
  lifecycle_state,
  json_extract(vm.value, '$.mountPath') as mount_path,
  json_extract(vm.value, '$.volumeName') as volume_name,
  json_extract(vm.value, '$.subPath') as sub_path,
  json_extract(vm.value, '$.isReadOnly') as is_read_only,
  json_extract(vm.value, '$.partition') as partition
from
  oci_container_instances_container,
  json_each(volume_mounts) as vm;

Get health check details for containers

Explore the health status of your containers to ensure they are functioning optimally. This query is particularly useful for maintaining system performance and identifying any potential issues early.

select
  display_name,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url,
  jsonb_pretty(health_checks) as health_checks
from
  oci_container_instances_container;

select
  display_name,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url,
  health_checks
from
  oci_container_instances_container;

List containers which does not have any environment variables

Discover the segments that have containers without any environment variables set, which could be crucial for certain applications to function correctly. This query enables you to assess the elements within your infrastructure that might need additional configuration for optimal performance.

select
  display_name,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container
where
  environment_variables is null;

select
  display_name,
  availability_domain,
  lifecycle_state,
  time_created,
  image_url
from
  oci_container_instances_container
where
  environment_variables is null;

List details of the instance to which the container is connected

Uncover the details of your container's associated instance, such as its name, availability domain, lifecycle state, and creation time. This is useful to understand the operational context and status of your container within the Oracle Cloud Infrastructure (OCI) environment.

select
  c.display_name as container_name,
  i.id as instance_id,
  i.display_name as instance_name,
  i.availability_domain as instance_availability_domain,
  i.lifecycle_state as instance_lifecycle_state,
  i.time_created instance_create_time
from
  oci_container_instances_container as c,
  oci_container_instances_container_instance as i
where
  c.container_instance_id = i.id;

select
  c.display_name as container_name,
  i.id as instance_id,
  i.display_name as instance_name,
  i.availability_domain as instance_availability_domain,
  i.lifecycle_state as instance_lifecycle_state,
  i.time_created instance_create_time
from
  oci_container_instances_container as c
  join oci_container_instances_container_instance as i on c.container_instance_id = i.id;

Schema for oci_container_instances_container

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form, e.g. connection_name.
additional_capabilities	jsonb		A list of additional configurable container capabilities.
arguments	jsonb		A list of string arguments for a Container's entrypoint process.
availability_domain	text	=	Availability Domain where the Container's Instance is running.
command	jsonb		This command will override the container's entrypoint process. If not specified, the existing entrypoint process defined in the image will be used.
compartment_id	text	=	The OCID of the compartment in Tenant in which the resource is located.
container_instance_id	text	=	The identifier of the Container Instance on which this container is running.
container_restart_attempt_count	bigint		The number of container restart attempts. A restart may be attempted after a health check failure or a container exit, based on the restart policy.
defined_tags	jsonb		Defined tags for resource. Defined tags are set up in your tenancy by an administrator. Only users granted permission to work with the defined tags can apply them to resources.
display_name	text	=	isplay name for the Container. Can be renamed.
environment_variables	jsonb		A map of additional environment variables to set in the environment of the container's entrypoint process. These variables are in addition to any variables already defined in the container's image.
exit_code	bigint		The exit code of the container process if it has stopped executing.
fault_domain	text		Fault Domain where the ContainerInstance is running.
freeform_tags	jsonb		Free-form tags for resource. This tags can be applied by any user with permissions on the resource.
health_checks	jsonb		List of container health checks.
id	text	=	Unique identifier that is immutable on creation.
image_url	text		The container image information. Currently only support public docker registry. Can be either image name, e.g `containerImage`, image name with version, e.g `containerImage:v1` or complete docker image Url e.g `docker.io/library/containerImage:latest`. If no registry is provided, will default the registry to public docker hub `docker.io/library`. The registry used for container image must be reachable over the Container Instance's VNIC.
is_resource_principal_disabled	boolean		Determines if the Container will have access to the Container Instance Resource Principal.
lifecycle_details	text		A message describing the current state in more detail. For example, can be used to provide actionable information for a resource in Failed state.
lifecycle_state	text	=	The current state of the Container.
region	text		The OCI region in which the resource is located.
resource_config	jsonb		The resource config of the Container.
system_tags	jsonb		System tags for resource. System tags can be viewed by users, but can only be created by the system.
tags	jsonb		A map of tags for the resource.
tenant_id	text		The OCID of the Tenant in which the resource is located.
time_created	timestamp with time zone		The time the the Container was created.
time_terminated	timestamp with time zone		Time at which the container last terminated.
time_updated	timestamp with time zone		The time the Container was updated.
title	text		Title of the resource.
volume_mounts	jsonb		List of the volume mounts.
working_directory	text		The working directory within the Container's filesystem for the Container process. If this is not present, the default working directory from the image will be used.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci

You can pass the configuration to the command with the --config argument:

steampipe_export_oci --config '<your_config>' oci_container_instances_container