Table of contents
What is Datree?
It is an open-source CLI utility tool that prevents misconfiguration on Kubernetes workloads and a SaaS platform to manage policies. It validates your Kubernetes YAML files.
Why do we need Datree?
To prevent errors in Kubernetes configurations. It helps developer to manage the policy enforcement which, automatically checks for rules violations. When using Datree, you do not need to have a connection with the production cluster. Policy and rules can be applied from the online Datree Dashboard. Sound great?
How do Datree works?
Checks the Yaml file for the syntax is written correctly.
Kubernetes schema validation checks if the version is valid or invalid.
Policy check — It could be a memory limit, CPU limit, or any custom policy check.
It gives the summary of the YAML file run against Datree applied policies.
Let’s have a quick and simple implementation of Datree
To install Datree follow the official doc - sample deployment.yaml file for nginx
To validate this yaml using Datree run following command
$ datree test deployment.yaml
From above image, total rules passed: 21 and Total Rules Failed: 9
I have made the default policy with 30 rules which are configured through Datree Dashboard. Link for the Dashboard can be obtained through CLI as shown in the below image
In Datree dashboard, we can edit rules as per our need, and those rules will be applied at the time of validating the deployment YAML file.
The first four errors were solved which were shown in the above configuration error image.
Updated deployment.yaml
Now if we run the command again to perform verification
$ datree test deployment.yaml
Output is Total Rules Failed: 5 which was 9 before We did configure the memory request, CPU request, memory limit, and CPU limit in our deployment file.
As the conclusion, above per demo above, it showns how Datree can be useful for standerization and to avoid misconfiguration in K8s.