website logo
HomeGithubSlack
⌘K
Overview
Quick Start
Supported Services
Running CloudGraph in EKS
Compliance
Rules Engine
AWS
Querying AWS Data
AWS Policy Packs
Billing Data
Services
Azure
Querying Azure Data
Azure Policy Packs
Services
GCP
Querying GCP Data
GCP Policy Packs
Services
K8s
Querying Kubernetes Data
Services
Docs powered by archbee 

Service

15min

Note: if you are running CloudGraph locally you can view the interactive, automatically generated documentation in either GraphQL Playground or Altair by clicking the docs button on the right-hand side of the screen. After reading the below information we highly suggest you use one of these tools to test your queries as they will autocomplete fields for you and let you know if your queries are valid before you even submit them.

Overview

You can currently query the following attributes and connections on a k8s Service:

GraphQL
|
type k8sService {
  id: String!
  context: String!
  apiVersion: String
  kind: String
  metadata: {
    id: String
    annotations: {
      id: String!
      key: String
      value: String
    }
    clusterName: String
    creationTimestamp: String
    deletionGracePeriodSeconds: Int
    deletionTimestamp: String
    finalizers: [String]
    generateName: String
    generation: Int
    labels: {
      id: String!
      key: String
      value: String
    }
    ownerReferences: {
      id: String!
      apiVersion: String
      blockOwnerDeletion: Boolean
      controller: Boolean
      kind: String
      name: String
    }
    name: String
    namespace: String
    resourceVersion: String
    selfLink: String
  }
  spec {
    allocateLoadBalancerNodePorts: Boolean
    clusterIp: String
    clusterIps: [String]
    externalIps: [String]
    externalName: String
    externalTrafficPolicy: String
    healthCheckNodePort: Int
    internalTrafficPolicy: String
    ipFamilies: [String]
    ipFamilyPolicy: String
    loadBalancerClass: String
    loadBalancerIp: String
    loadBalancerSourceRanges: [String]
    ports {
      id: String
      appProtocol: String
      name: String
      nodePort: Int
      port: Int
      protocol: String
      targetPort: String
    }
    publishNotReadyAddresses: Boolean
    selector {
      id: String
      key: String
      value: String
    }
    sessionAffinity: String
    sessionAffinityConfig {
      clientIp {
        timeoutSeconds: Int
      }
    } 
    type: String
  }
  status: {
    loadBalancer {
      ingress {
        id: String
        hostname: String
        ip: String
        ports {
          id: String
          error: String
          port: Int
          protocol: String
        }
      }
    }
    conditions {
      id: String
      lastTransitionTime: String
      observedGeneration: Int
      message: String
      reason: String
      status: String
      type: String
    }
  }
  namespace {
    id
    # Other namespace fields
  }
}


Filtering

Get data for a single service that you know the id for:

GraphQL
|
query {
  getk8sService(id: "12345") {
    id
    # Other fields and connections here...
  }
}


Get data for all of the services in a certain k8s Context:

GraphQL
|
query {
  queryk8sService(filter: { context: { eq: "my-context-name" } }) {
    id
    # Other fields and connections here...
  }
}


Get data for all of the services NOT in a certain k8s Context:

GraphQL
|
query {
  queryk8sService(filter: { not: { context: { eq: "my-context-name" } } }) {
    id
    # Other fields and connections here...
  }
}




Advanced Filtering

Get data for all of the services that have a namespace:

GraphQL
|
query {
  queryk8sService(filter: { has: namespace }) {
    id
    # Other fields and connections here...
  }
}

# Note that in addition to "namespace" you can filter
# Using "has" based on any of the following attributes:

# apiVersion
# kind
# spec
# status


Use multiple filter selectors, (i.e. has, and, not, or) to get data for all of the services that have a namespace AND status OR that do not have a spec. Note that you can use has, and, not, or completely independently of each other:

GraphQL
|
query {
  queryk8sService(
    filter: {
      has: namespace
      and: { has: status }
      or: { not: { has: spec } }
    }
  ) {
    id
    # Other fields and connections here...
  }
}


You may also filter using a regex when filtering on a string field like, context if you want to look for a value that matches say, some-value (case insensitive):

GraphQL
|
query {
  queryk8sService(
    filter: { context: { regexp: "/.*some-value*./i" } }
  ) {
    id
    # Other fields and connections here...
  }
}


Ordering

You can order the results you get back either asc or desc depending on your preference:

GraphQL
|
query {
  queryk8sService(order: { desc: apiVersion }) {
    apiVersion
    # Other fields and connections here...
  }
}

# Note that in addition to "apiVersion" you can filter
# Using "asc" or "desc" based on any of the following attributes:

# id
# kind
# context


Only select and return the first two services that are found:

GraphQL
|
query {
  queryk8sService(first: 2, order: { desc: apiVersion }) {
    apiVersion
    # Other fields and connections here...
  }
}


Only select and return the first two services that are found, but offset by one so services two & three are returned:

GraphQL
|
query {
  queryk8sService(first: 2, order: { desc: apiVersion }, offset: 1) {
    apiVersion
    # Other fields and connections here...
  }
}


Aggregation

Count the number of services across all scanned K8s contexts:

GraphQL
|
query {
  aggregatek8sService {
    count
    # Other fields and connections here...
  }
}

# Note that in addition to "count" you can request the
# Following min and max values based on attributes of your Namespaces:

# idMin
# idMax
# contextMin
# contextMax
# kindMin
# kindMax
# apiVersionMin
# apiVersionMax


Count the number of services in a single context. Note that you can apply all of the same filters that are listed above to aggregate queries:

GraphQL
|
query {
  aggregatek8sService(filter: { context: { eq: "my-context-name" } }) {
    count
    # Other fields and connections here...
  }
}


Kitchen Sink

Putting it all together; get all data for all services across all k8s contexts in a single query. For the purposes of this example we will only get direct children of the service but if you want to it's easy to go from say, service -> namespace -> job ...etc:

GraphQL
|
query {
  queryk8sService {
    id
    context
    apiVersion
    kind
    metadata {
      id
      annotations {
        id
        key
        value
      }
      clusterName
      creationTimestamp
      deletionGracePeriodSeconds
      deletionTimestamp
      finalizers
      generateName
      generation
      labels {
        id
        key
        value
      }
      ownerReferences {
        id
        apiVersion
        blockOwnerDeletion
        controller
        kind
        name
      }
      name
      namespace
      resourceVersion
      selfLink
    }
    spec {
      allocateLoadBalancerNodePorts
      clusterIp
      clusterIps
      externalIps
      externalName
      externalTrafficPolicy
      healthCheckNodePort
      internalTrafficPolicy
      ipFamilies
      ipFamilyPolicy
      loadBalancerClass
      loadBalancerIp
      loadBalancerSourceRanges
      ports {
        id
        appProtocol
        name
        nodePort
        port
        protocol
        targetPort
      }
      publishNotReadyAddresses
      selector {
        id
        key
        value
      }
      sessionAffinity
      sessionAffinityConfig {
        clientIp {
          timeoutSeconds
        }
      }
      type
    }
    status {
      conditions {
        id
        lastTransitionTime
        observedGeneration
        message
        reason
        status
        type
      }
      loadBalancer {
        ingress {
          id
          hostname
          ip
          ports {
            id
            error
            port
            protocol
          }
        }
      }
    }
    namespace {
      id
      context
      apiVersion
      kind
      metadata {
        id
        annotations {
          id
          key
          value
        }
        clusterName
        creationTimestamp
        deletionGracePeriodSeconds
        deletionTimestamp
        finalizers
        generateName
        generation
        labels {
          id
          key
          value
        }
        ownerReferences {
          id
          apiVersion
          blockOwnerDeletion
          controller
          kind
          name
        }
        name
        namespace
        resourceVersion
        selfLink
      }
      spec {
        finalizers
      }
      status {
        phase
        conditions {
          id
          lastHeartbeatTime
          lastTransitionTime
          message
          reason
          status
          type
        }
      }
      networkPolicies {
          id
          # any networkPolicy properties
      }
      nodes {
          id
          # any node properties
      }
      pods {
          id
          # any pod properties
      }
      deployments {
          id
          # any deployment properties
      }
      ingresses {
          id
          # any ingress properties
      }
      secrets {
          id
          # any secret properties
      }
      services {
          id
          # any service properties
      }
      serviceAccounts {
          id
          # any serviceAccount properties
      }
      storageClasses {
          id
          # any storageClass properties
      }
      persistentVolumes {
          id
          # any persistentVolume properties
      }
      persistentVolumeClaims {
          id
          # any persistentVolumeCalim properties
      }
      roles {
          id
          # any role properties
      }
      jobs {
          id
          # any job properties
      }
      cronJobs {
          id
          # any cronJob properties
      }
    }
  }
}


References

Dgraph documentation on querying

K8s Service Documentation

Updated 03 Mar 2023
Did this page help you?
Yes
No
PREVIOUS
Secret
NEXT
Service Account
Docs powered by archbee 
TABLE OF CONTENTS
Overview
Filtering
Advanced Filtering
Ordering
Aggregation
Kitchen Sink
References