Migrating your websites and services to run on Arm infrastructure can bring benefits in cost savings and performance improvements. The first phase in migrating to Arm is to determine whether the container images in the Kubernetes cluster have support for the Arm architecture. It can be a manual and time consuming task to check compatibility. To make it easier we have developed the kubearchinspect tool which automates this process.
The tool runs on a local client against the cluster to check the metadata of your images for Arm architecture support. If the current version of the image lacks support, it will also check newer versions for compatibility so that you can easily upgrade.
This is Open Source Software and we appreciate contributions and feedback, please see the Contribution Guidelines for more information.
Pre-built binaries are available from the releases page, alternatively see the Development Guide for building locally.
This tool includes built-in kubectl and container registry support using the containers/image library. You do not need the kubectl, docker, podman, or skopeo CLI tools installed β only their configuration files.
Kubeconfig (~/.kube/config or set via the --kube-config-path flag)
Required to connect to the target Kubernetes cluster.
Example: For AWS EKS clusters, configure access with:
aws eks update-kubeconfig --region <region> --name <cluster_name>If multiple clusters are configured in the kubeconfig, the tool will use the default context unless specified using --kube-context flag.
kubearchinspect [command] [flags]-
images: Check which images in your cluster support arm64Flag Description -c,--kube-config-path stringPath to your Kube config file. (Default: ~/.kube/config)--kube-context stringThe Kubernetes context to be used. (Default: Current context in the config) -
version: Check the version of KubeArchInspect you are running -
completion: Generate the autocompletion script for the specified shell -
help: Help about any command
| Flag | Description |
|---|---|
-d, --debug |
Enable debug mode |
-l, --log string |
Enable logging |
Output from a small cluster in EKS:
% kubearchinspect images
Legend:
-------
β
- arm64 node compatible
π - arm64 node compatible (after update)
β - not arm64 node compatible
π« - error occurred
------------------------------------------------------------------------------------------------
π« 602401143452.dkr.ecr.eu-west-1.amazonaws.com/eks/csi-snapshotter:v6.3.2-eks-1-28-11 Authentication Error. The private image could not be queried, check the docker credentials are present and correct.
π« 602401143452.dkr.ecr.eu-west-1.amazonaws.com/eks/kube-proxy:v1.25.16-minimal-eksbuild.1 Authentication Error. The private image could not be queried, check the docker credentials are present and correct.
π« 602401143452.dkr.ecr.eu-west-1.amazonaws.com/eks/livenessprobe:v2.11.0-eks-1-28-11 Authentication Error. The private image could not be queried, check the docker credentials are present and correct.
β
amazon/aws-for-fluent-bit:2.10.0
β
amazon/cloudwatch-agent:1.247350.0b251780
β
busybox:1.31.1
β
curlimages/curl:7.85.0
β
docker.io/alpine:3.13
β
docker.io/bitnami/external-dns:0.14.0-debian-11-r2
π docker.io/bitnami/metrics-server:0.6.2-debian-11-r20
π« secret.repo.arm.com/jcaap:3.7 Image not found. Some pods like `jcap-replica-pod-2` are using an image that no longer exists.
β
mirrors--internal.aws.arm.com/grafana/grafana:9.3.8
β
mirrors--internal.aws.arm.com/banzaicloud/vault-secrets-webhook:1.18.0
π quay.io/argoproj/argocd:v2.0.5
β
quay.io/kiwigrid/k8s-sidecar:1.22.0
β
quay.io/prometheus-operator/prometheus-config-reloader:v0.63.0
β
quay.io/prometheus-operator/prometheus-operator:v0.63.0
β
quay.io/prometheus/alertmanager:v0.25.0
β
quay.io/prometheus/blackbox-exporter:v0.24.0
β
quay.io/prometheus/node-exporter:v1.5.0
β
quay.io/prometheus/prometheus:v2.42.0
β
redis:6.2.4-alpine
β
registry.k8s.io/autoscaling/cluster-autoscaler:v1.25.3
β
registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.8.1If there is an error whilst checking an image, the tool will display the π« symbol and give a short description of the error at the end of the line. The current common errors are:
- Authentication Error. The private image could not be queried, check the docker credentials are present and correct.
- Communication error. Unable to communication with the registry, please ensure the registry host is available.
- Image not found. One or more pods are using an image that no longer exists.
- Unknown error, run in debug mode using the flag
-dfor more info
Registry credentials (~/.docker/config.json or $XDG_RUNTIME_DIR/containers/auth.json)
Required only for accessing private container registries.
Many organisations and teams use private registries to store their container images for security, compliance, or version control. These images are not publicly accessible and require authentication.
The tool relies on containers/image, which uses the same credential configuration as:
Any of these commands will populate or update the config file, which includes the necessary authentication tokens or credential store references.
Tip: You can use any of the above tools to authenticate. For example:
podman login <registry>Credential helpers defined in the config file (such as credHelpers or credsStore) are also supported.
For release notes and a history of changes of all releases, please see the following:
The follow described the major aspects of the project structure:
cmd/- Application command logic.internal/- Go project source files.changes/- Collection of news files for unreleased changes.
- For a list of known issues and possible workarounds, please see Known Issues.
- To raise a defect or enhancement please use GitHub Issues.
- We are committed to fostering a welcoming community, please see our Code of Conduct for more information.
- For ways to contribute to the project, please see the Contributions Guidelines
- For a technical introduction into developing this package, please see the Development Guide