Skip to content

README.md

Latest commit

 

History

History
124 lines (109 loc) · 4.92 KB

README.md

File metadata and controls

124 lines (109 loc) · 4.92 KB

Issue Code Index

Inspection reports classify findings by issue type and assign stable codes for linking to the documentation in this directory. Each code corresponds to a Markdown document with: Summary, Severity (Info / Warning / Critical), Symptoms, Resolution, Example, References.

By category

NODE

Code Short Title
NODE-001 Node not ready
NODE-002 Node has resource pressure
NODE-003 Zombie processes on node
NODE-004 Node disk usage high (Warning)
NODE-005 Node disk usage critical

POD

Code Short Title
POD-001 Pod in Failed state
POD-002 Pod cannot be scheduled
POD-003 Container restart count too high
POD-004 Container in abnormal state
POD-005 ImagePullBackOff
POD-006 ErrImagePull
POD-007 CrashLoopBackOff
POD-008 ContainerCreating
POD-009 CreateContainerConfigError
POD-010 OOMKilled
POD-011 Container terminated (non-zero exit)
POD-012 Pod Running but not Ready

RES

Code Short Title
RES-001 Container has no resource requests
RES-002 Container has no resource limits
RES-003 Namespace has no resource quota
RES-004 CPU limit below request
RES-005 Memory limit below request

NET

Code Short Title
NET-001 LoadBalancer has no external IP
NET-002 NodePort outside recommended range
NET-003 Service has no selector or endpoints
NET-004 DNS deployment not ready
NET-005 DNS service not found

STO

Code Short Title
STO-001 PV config or backing storage issue
STO-002 PV Released, needs cleanup
STO-003 PV Retained, manual action needed
STO-004 PV has no reclaim policy
STO-005 PVC storage class or capacity issue
STO-006 PVC has data loss risk
STO-007 PVC has no storage class
STO-008 StorageClass has no provisioner
STO-009 No default StorageClass
STO-010 Multiple StorageClasses marked default

SEC

Code Short Title
SEC-001 ClusterRole has excessive permissions
SEC-002 User has cluster-admin
SEC-003 ServiceAccount has cluster-admin
SEC-004 Pod runs as root
SEC-005 Container runs privileged
SEC-006 Container runs as root
SEC-007 Container allows privilege escalation
SEC-008 Insufficient network policy coverage
SEC-009 Uses default ServiceAccount

CTRL

Code Short Title
CTRL-001 Control plane component not ready
CTRL-002 Static Pod not ready

AUTO

Code Short Title
AUTO-001 HPA replica range too narrow
AUTO-002 HPA has no metrics configured
AUTO-003 HPA target workload or metrics issue
AUTO-004 HPA behavior limits scaling
AUTO-005 HPA metric target not configured

BATCH

Code Short Title
BATCH-001 CronJob suspended
BATCH-002 CronJob job failed
BATCH-003 CronJob schedule or controller issue
BATCH-004 Job needs backoffLimit or resource check
BATCH-005 Job Pod stuck or timeout adjustment needed

POLICY

Code Short Title
POLICY-001 No ResourceQuota configured
POLICY-002 No LimitRange configured
POLICY-003 Critical workload has no PDB
POLICY-004 Replica count does not satisfy PDB

OBS

Code Short Title
OBS-001 metrics-server not deployed
OBS-002 kube-state-metrics not deployed
OBS-003 Log aggregation not deployed
OBS-004 Prometheus/monitoring not deployed

CERT

Code Short Title
CERT-001 CSR long Pending or abnormal
CERT-002 Certificate expiring soon
CERT-003 Certificate expired

Report Code links point to the corresponding document in this directory. Documents are shipped with the repository.