Pod Resource Scanner
Pod Resource Scanner is a read-only Kubernetes monitoring tool that runs as a CronJob. It collects CPU, memory, and disk usage across every namespace and node, writes the results to an append-only CSV, and optionally pushes a formatted dashboard to Google Sheets with scaling recommendations.
Repository: clouddrove/pod-resource-scanner
Supported clusters: EKS, AKS, GKE, and any Kubernetes 1.21+ cluster.
Features​
- Read-only — only lists pods, nodes, namespaces, and workloads; never modifies the cluster
- Append-only CSV — single
all-resources.csvfile with scan timestamps for historical tracking - Scaling recommendations — suggests node additions, consolidations, or limit adjustments based on thresholds
- Week-over-week comparison — tracks namespace resource changes and fires growth alerts
- Google Sheets dashboard — optional export with timestamped run tabs and a live KPI dashboard tab
- Cluster-agnostic — works on any standard Kubernetes distribution
What it collects​
| Category | Data points |
|---|---|
| Pods | Namespace, node, workload type, resource requests/limits, status |
| Nodes | Capacity, allocatable CPU/memory/storage, utilization % |
| Namespaces | Pod/container counts, total requested resources, growth % |
| Recommendations | Scale up, scale down, or adjust limits per node/namespace |
Installation​
Helm (recommended)​
helm install pod-resource-scanner ./chart \
--namespace pod-resource-scanner \
--create-namespace \
--set fullnameOverride=pod-resource-scanner \
--set image.repository=ghcr.io/clouddrove/pod-resource-scanner \
--set image.tag=latest
The chart creates a ClusterRole and ClusterRoleBinding with read-only access to nodes, namespaces, pods, and workloads.
Trigger a manual scan​
kubectl create job \
--from=cronjob/pod-resource-scanner \
manual-$(date +%s) \
-n pod-resource-scanner
kubectl logs -n pod-resource-scanner job/manual-<timestamp> -f
Local development (no cluster required)​
pip install -r requirements.txt
export POD_SCANNER_OUTPUT_DIR=./output
python scanner.py
Configuration​
| Environment variable | Default | Description |
|---|---|---|
POD_SCANNER_OUTPUT_DIR | /output | Directory to write all-resources.csv |
POD_SCANNER_CLUSTER_NAME | (empty) | Label added to each row for multi-cluster setups |
POD_SCANNER_UPDATE_GOOGLE_SHEET | (unset) | Set to true to enable Google Sheets export |
POD_SCANNER_UTIL_SCALE_UP_PCT | 75 | Node utilization % that triggers a scale-up recommendation |
POD_SCANNER_UTIL_SCALE_DOWN_PCT | 25 | Node utilization % that triggers a scale-down recommendation |
POD_SCANNER_GROWTH_ALERT_PCT | 20 | Week-over-week namespace growth % that fires an alert |
POD_SCANNER_LOG_LEVEL | INFO | Logging verbosity (DEBUG, INFO, WARNING) |
Google Sheets export (optional)​
The scanner can write a formatted spreadsheet with one tab per run and a live dashboard tab.
Setup steps​
- Enable the Google Sheets API in your GCP project
- Create a Service Account and download its JSON key
- Create a new Google Sheet and share it with the service account email (Editor)
- Create a Kubernetes secret with the Sheet ID and credentials:
kubectl create secret generic google-sheets-creds \
--from-literal=sheet-id=YOUR_SHEET_ID \
--from-file=credentials.json=./sa-key.json \
-n pod-resource-scanner
- Enable Google Sheets in Helm:
# values.yaml
env:
POD_SCANNER_UPDATE_GOOGLE_SHEET: "true"
googleSheets:
enabled: true
secretName: google-sheets-creds
Testing​
Run the full test suite without a live cluster:
pip install -r requirements.txt
python3 -m pytest tests/ -v
Preview the spreadsheet layout locally:
python scripts/generate_sample_excel.py
Production checklist​
- Use a pinned image tag instead of
:latest - Set
POD_SCANNER_CLUSTER_NAMEif running across multiple clusters - Adjust
UTIL_SCALE_UP_PCTandUTIL_SCALE_DOWN_PCTto match your team's thresholds - Monitor CronJob success status and the freshness of
all-resources.csv - Rotate service account credentials regularly if using Google Sheets