Hi team there was a question about deleting pods in a namespace which has high a . . .

Vinodh:
Hi team there was a question about deleting pods in a namespace which has high and critical vulnerabilities. I was trying to get the list of images used in all pods and issue trivy command to identify vulnerabilities. But this took more time. Is there a simple way to achieve this for saving time please?

Tej Singh Rana:
Hi @Vinodh,
Just wanted to know how much time it’s taking?

Vinodh:
Hi @Tej Singh Rana, not sure exactly but I think more than 15 mins maybe. As I had to describe all pods to get the list of images and issue trivy command on all those images individually and then issue delete command on selected pods. I felt like there should be a command or two to achieve this task :slightly_smiling_face:

Vinodh:
Hi @Tej Singh Rana, one more general question, i could see two workspaces http://kodekloud.slack.com|kodekloud.slack.com and http://kodekloudworkspace.slack.com|kodekloudworkspace.slack.com. Which one is latest and i need to use please?

Tej Singh Rana:
Hi @Vinodh,
You can try with custom-columns,

root@controlplane:/# kubectl get po -n delta -o custom-columns='Pod Name:metadata.name','Image Name:spec.containers[*].image'
Pod Name          Image Name
simple-webapp-1   kodekloud/webapp-delayed-start
simple-webapp-2   httpd:2-alpine
simple-webapp-3   nginx:1.16
simple-webapp-4   httpd:2.4.33
root@controlplane:/# 
root@controlplane:/# cd
root@controlplane:~# #trivy image <IMAGE-NAME>
root@controlplane:~# 
root@controlplane:~# 
root@controlplane:~# 

Tej Singh Rana:
Note down vulnerabilities count with the image in the notepad (In the official exam, you will get an inbuilt notepad as you have seen in the CKA exam)

Vinodh:
Thanks very much @Tej Singh Rana

unnivkn:
Hi @Vinodh try this sample code & check how long it will take for you:

unnivkn:
#get podname & imagename: (refer cheatsheet)
controlplane $ kubectl -n delta get pods -o=custom-columns=‘Name:spec.containers[].name,DATA:spec.containers[].image’
Name DATA
busyboxpod busybox
nginx nginx:latest
nginx-2 nginx:1.20.1
temp-pod nginx:1.21.1-alpine
controlplane $

$ trivy image busybox | grep -i CRITICAL

$ kubectl -n delta delete pod busyboxpod
$ kubectl -n delta delete pod nginx
$ kubectl -n delta delete pod temp-pod

Vinodh:
Thanks @unnivkn. Will try in trivy lab and update

Vinodh:
@Tej Singh Rana /@unnivkn: Thanks for your inputs above. Yes it took about 8 mins if I have 5 pods running in the namespace, provided i have all commands handy