github.com/jlmeeker/kismatic@v1.10.1-0.20180612190640-57f9005a1f1a/cmd/kismatic-inspector/README.md (about) 1 # Kismatic Inspector 2 3 The Kismatic Inspector can be used to validate infrastructure that has been provisioned 4 for installtion via Kismatic. 5 6 The utility supports two modes of operation: 7 * Local: checks are run, and results are printed to the console 8 * Remote: the utility functions both as a client and a server. 9 10 ## Local 11 When running the utility in local mode, a subset of the checks are run on the node. 12 Once the checks are done, a report is printed to the console. The report 13 lists all the checks that ran, and their status. In the case that a check failed, 14 a more detailed message is shown with potential remediation steps. 15 16 ## Remote 17 Due to the nature of checks that depend on the network, it is necessary to 18 perform these checks from outside the node. For example, ensuring that a TCP port 19 is accessible across the network is more powerful than just verifying that the 20 port is free on the local node. 21 22 The utility can function both as the client and the server in this mode. 23 24 ## Supported checks 25 | Check | Description | Remote-Only | 26 |----------------------|-----------------------------------------------------------------------------------|-------------| 27 | Binary Dependency | Checks that a given binary is installed | | 28 | Package Dependency | Checks that a given package is installed using the OS's package manager | | 29 | Package Availability | Checks that a given package can be downloaded using the OS's package manager | | 30 | RegEx File Search | Execute regex search against a file. (e.g. look for a config option in /etc/foo) | | 31 | TCP Port Bindable | Ensure that the TCP port is bindable on the node | X | 32 | TCP Port Accessible | Ensure that the TCP port is accessible on the network | X | 33 34 35 ## Usage 36 37 38 ### Local mode 39 ``` 40 => ./kismatic-inspector --local 41 CHECK SUCCESS MSG 42 iptables exists false Install "iptables", as it was not found in the system 43 iptables-save exists false Install "iptables-save", as it was not found in the system 44 iptables-restore exists false Install "iptables-restore", as it was not found in the system 45 ip exists false Install "ip", as it was not found in the system 46 nsenter exists false Install "nsenter", as it was not found in the system 47 mount exists true 48 umount exists true 49 glibc is intalled false Install "glibc", as it was not found on the system. 50 ``` 51 52 ### Remote mode 53 1. Start inspector server on the node 54 ``` 55 => ./kismatic-inspector 56 Listening on port 8081 57 Run ./kismatic-inspector from another node to run checks remotely: ./kismatic-inspector --node [NodeIP]:8081 58 ``` 59 2. Run the inspector on a remote node 60 ``` 61 => ./kismatic-inspector --node node01:8081 62 ./kismatic-inspector --node localhost:8081 --check-tcp-ports 3040,3060,3080 63 CHECK SUCCESS MSG 64 iptables exists false Install "iptables", as it was not found in the system 65 iptables-save exists false Install "iptables-save", as it was not found in the system 66 iptables-restore exists false Install "iptables-restore", as it was not found in the system 67 ip exists false Install "ip", as it was not found in the system 68 nsenter exists false Install "nsenter", as it was not found in the system 69 mount exists true 70 umount exists true 71 glibc is intalled false Install "glibc", as it was not found on the system.TCP Port 3040 bindable true 72 TCP Port 3060 bindable true 73 TCP Port 3080 bindable true 74 TCP Port 3040 accessible true 75 TCP Port 3060 accessible true 76 TCP Port 3080 accessible true 77 ``` 78 79 ## TODO 80 * Revisit CLI UX 81 * Implement more checks 82 * Support TLS in remote mode