Skip to content
This repository has been archived by the owner on Feb 2, 2024. It is now read-only.

Latest commit

 

History

History
76 lines (51 loc) · 5.26 KB

audit-api.md

File metadata and controls

76 lines (51 loc) · 5.26 KB

Audit API

The Audit API applies a series of tests to the various cached data sources of Kubecost to check the validity of the data sources and the processes that act upon them. Each of the Audits tests represents an invariance that should remain true despite any changes that occur to the system as a whole. Each Audit is stored in an AuditSet, which besides audits contains a window for the timeframe that the Audits it contains cover. The Audits themselves each have a timestamp for their last run, a status, a description and other audit-specific structures which contain the results of the run.

Audit API

GET /etl/audit

Returns AuditSets for given window saved in the AuditStore

Parameters: window: accepts all standard Kubecost window formats. excluding this argument returns all audits in range

Post /etl/audit

Endpoint to run audits defined by parameters

Parameters: window: accepts all standard Kubecost window formats. excluding this argument runs all audits in range commit: must pass true if window argument is excluded, else is ignored type: must be a valid audit type (listed below). excluding this argument runs all audit types for the given window

Audit Types

  • AuditAllocationReconciliation: tests that CPU, GPU and RAM cost totals by node from the Allocation store after reconciliation are equal to the values costs of each node in the Asset Store.
  • AuditAllocationTotalStore: detects divergence in the totalling of Allocation store and Total store by querying the Allocation store and comparing the totaled results against the contents of the total store
  • AuditAllocationAggStore: detects divergence in the aggregation of Allocation store and Agg store by querying the Allocation store and comparing the aggregated results against the contents of the total store
  • AuditAssetReconciliation: tests that matchable Assets have the same total cost as their corresponding CloudUsages
  • AuditAssetTotalStore: detects divergence in the totalling of Asset store and Total store by querying the Asset store and comparing the totaled results against the contents of the total store
  • AuditClusterEquality: tests that the aggregate by cluster of the asset store is equal to the aggregate by cluster of the reconciliation allocation store after idle and tenancy costs have been applied

Return Types

Base Return types

The base return types are used by each Audit result to express any discrepancies that have been detected.

Audit Missing Value

Audit Missing Value denotes a value that was present in one data source and not another. The presence of this base result will generally result in a Warning status in the Audit that contains it. It contains a Description of the missing value and the key which acts as a way of identifying the missing value.

Audit Float Result

Audit Float Result represents a difference in float values between two data sources. The presence of this base result generally indicates a Failed status on the Audit. It contains an Actual value derived from the data source being audited and Expected value which is generated by the Audit itself.

Audit Results

Each Audit result contains the following values.

  • status: gives the end result of the Audit as Passed, Warning or Failure
  • lastRun: a timestamp of when the Audit was run
  • description: a string describing the result of the audit. Generally used for failures in preliminary checks.
  • missingValues: a []*AuditMissingValue containing any values that were found to be missing during the audit
Allocation Reconciliation Audit

Allocation Reconciliation Audit records the differences of between compute resources (cpu, ram, gpu) costs between allocations by nodes and node assets. It contains the additional fields:

  • resources: A map[string]map[string]*AuditFloatResult records difference in resource values between asset and allocations. Keyed on node name and resource name
Total Audit

Total Audit records the differences between a total store and the totaled results of the store. It contains the additional fields:

  • totalByNode: A map[string]*AuditFloatResult which records differences of calculated total by node. Keyed on node name
  • totalByCluster: A map[string]*AuditFloatResult which records differences of calculated total by cluster. Keyed on cluster id
Agg Audit

Agg Audit contains the results of an Audit on an AggStore which checks if the aggregate of the store it draws from matches it.

  • results: A map[string]map[string]*AuditFloatResult which records differences of calculated agg. Keyed on aggregation prop and allocation or asset key
Asset Reconciliation Audit

Asset Reconciliation Audit records differences in assets and the Cloud items that it is able to successfully match.

  • results: A map[string]map[string]*AuditFloatResult which records differences in cloud assets and matched assets. Keyed on providerId and category
Equality Audit

Equality Audit records the difference in cost between Allocations and Assets aggregated by cluster and Keyed on cluster

  • clusters: A map[string]*AuditFloatResult which records differences in allocations by cluster and assets by cluster. Keyed by cluster id