top of page

6 kubectl plugins you must try

Here are six plugins from the plugin management tool for kubectl.


So let’s start with what is krew?

Most Kubernetes users are familiar with kubectl util, but did you know you can extend your kubectl functionality?


Krew is a plugin manager for kubectl, which works similarly to the traditional yum, apt, apk, brew, and other package managers. Krew provides a simple way to retrieve and manage plugins for the kubectl util.

If it’s your first time encountering krew, I recommend you to check it out and play around with the plugins he provides (https://krew.sigs.k8s.io/)

So, what are the 6 plugins we are going to review?

  • Kubepug

  • Rakkess

  • Ketall

  • kubectl-Score

  • kubectl-tree

  • Outdated

Kubepug


This year alone, Kubernetes introduced three new major versions of Kubernetes releases. Each one of the releases introduces new features, bug fixes, improvements, API deprecations, and removed APIs.


The Kubepug is a pre-upgrade checker that will help you find deprecated and removed APIs in your Kubernetes resources before migrating to a new major release.


(https://github.com/rikatz/kubepug)


Rakkess

Many Kubernetes cluster admins implement the principle of least privilege to keep their clusters safe and create separation between different cluster tenants.


This plugin will help you understand the privileges each user has across all of the given resources on the cluster.


(https://github.com/corneliusweig/rakkess)


Kube-Score


In CI/CD pipelines, most of the flows include static code analysis to check the developer code quality, but what about the manifests which are used to deploy resources to a production environment?


Kube-score is a static code analysis tool for your Kubernetes manifests objects. The output is a list of recommendations of what you can improve regarding security and resiliency.


(https://github.com/zegl/kube-score)


Ketall

Did you ever tried to use ‘kubectl get all’ and realized that resources are missing in the command output?


Well ‘kubectl get all’ command doesn’t give you all the resources, and you will need to find the rest of the resources by yourself. The ketall plugin will save you time and list all of the resources in a cluster, in a namespace, by label, and more.


(https://github.com/corneliusweig/ketall)


Kubectl-tree


For new Kubernetes users and experienced users, understanding the relationship between different Kubernetes objects can be a difficult task, and in case of a production error, it can increase troubleshooting time.


The kubectl-tree plugin will help you to understand the relations between Kubernetes objects in your live cluster and reduce your troubleshooting time.


(https://github.com/ahmetb/kubectl-tree)


Outdated

Security is a topic that comes up every day in different subjects. As Kubernetes cluster admins, we have several responsibilities to keep our cluster attack surface low. One of them is by keeping our images updated with security patches.


The outdated plugin iterates through readable namespaces, look for pods, reads from the manifests which image is being used, and checks if there is an updated version for the used image.


(https://github.com/replicatedhq/outdated)


Conclusion

If you are using the krew and a plugin you are using didn’t make it to the list, don’t take offense. The krew has 206 different plugins. Each of them is valuable to the community and can be more helpful for you than the list mentioned above. The six plugins described above can often be handy and simple to use.


bottom of page