Notifying Kubernetes events to Slack using Kubewatch

Tue, Jul 24, 2018 2-minute read

In this post i’ll show how to notify kubernetes events to our slack channel using bitnami-labs/kubewatch.

kubewatch repo can be accessed using this link.

We need to create slackbot.I created new bot named kubewatch-webischia.

Then i copied this token.

After that we need to install kubewatch. Kubewatch can be installed with helm or using yaml files. Im using yaml files in this example.

kubewatch-configmap.yaml

In handler scope we define our slack configuration such as bot token and resource scope we define which events we should notify on kubernetes.

apiVersion: v1
kind: ConfigMap
metadata:
  name: kubewatch
data:
  .kubewatch.yaml: |
    namespace: "default"
    handler:
      slack:
        token: xoxb-OUR-BOT-TOKEN
        channel: kubernetes-events
    resource:
      deployment: true
      replicationcontroller: false
      replicaset: false
      daemonset: false
      services: true
      pod: true
      secret: true
      configmap: false

kubewatch-service-account.yaml

Using rbac give permission to kubewatch for listing events.

---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: kubewatch
rules:
- apiGroups: [""]
  resources: ["pods", "replicationcontrollers"]
  verbs: ["get", "watch", "list"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kubewatch
  namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kubewatch
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kubewatch
subjects:
  - kind: ServiceAccount
    name: kubewatch
    namespace: default

kubewatch.yaml

Thats our pod yaml. Defining image from bitnami/tuna.

We shouldnt forget serviceAccountName: kubewatch on spec scope.

apiVersion: v1
kind: Pod
metadata:
  name: kubewatch
  namespace: default
spec:
  serviceAccountName: kubewatch
  containers:
  - image: tuna/kubewatch:v0.0.1
    imagePullPolicy: Always
    name: kubewatch
    volumeMounts:
    - name: config-volume
      mountPath: /root
  - image: gcr.io/skippbox/kubectl:v1.3.0
    args:
      - proxy
      - "-p"
      - "8080"
    name: proxy
    imagePullPolicy: Always
  restartPolicy: Always
  volumes:
  - name: config-volume
    configMap:
      name: kubewatch

Testing our kubewatch. I created new service and kubewatch notify us on our slack channel.

Creating pod

Deleting pod