A comprehensive monitoring and management tool for OpenShift/Kubernetes clusters using TrueNAS Scale storage via democratic-csi.
This tool analyzes and monitors the integration between OpenShift, TrueNAS Scale, and democratic-csi to identify configuration issues, orphaned resources, and ensure best practices.
- Orphaned Resource Detection - Identify PVs, volumes, and snapshots without corresponding resources
- Snapshot Management - Track snapshot growth, retention, and storage consumption
- Configuration Validation - Verify StorageClass, CSI driver, and RBAC configurations
- Storage Analytics - Monitor thin provisioning efficiency and capacity trends
- Security-First Design - Zero-trust architecture with comprehensive audit logging
- Idempotent Operations - All operations are safe to retry
The tool uses a hybrid Go/Python architecture:
- Go Components - Performance-critical monitoring, API server, and controller
- Python Components - CLI tool, analysis engine, and integrations
- Kubernetes/OpenShift cluster with democratic-csi
- TrueNAS Scale with API access
- Go 1.21+ (for development)
- Python 3.10+ (for CLI)
pip install truenas-storage-monitor# Deploy monitoring stack
helm install truenas-monitor ./charts/truenas-monitor \
--namespace storage-monitoring \
--create-namespace# Check for orphaned resources
truenas-monitor orphans
# Analyze storage usage
truenas-monitor analyze --trend 30d
# Generate HTML report
truenas-monitor report --output report.html
# Validate configuration
truenas-monitor validateCreate a config.yaml file:
openshift:
kubeconfig: ~/.kube/config
namespace: democratic-csi
truenas:
url: https://truenas.example.com
username: admin
password: ${TRUENAS_PASSWORD} # Use environment variable
monitoring:
orphan_threshold: 24h
snapshot_retention: 30d
alerts:
slack:
webhook: ${SLACK_WEBHOOK}This project follows strict TDD practices:
# Run unit tests
make test-unit
# Run all tests with coverage
make test-all
# Run in watch mode
make test-watch# Build all components
make build-all
# Build containers
make docker-build-all- Architecture - System design and components
- PRD - Product requirements and roadmap
- CLAUDE.md - Development guidelines
- API Reference
This tool follows security best practices:
- Zero-trust architecture
- Minimal RBAC permissions
- No credentials in logs
- TLS 1.3+ for all connections
- Regular security scans via GitHub Actions
We welcome contributions! Please see our Contributing Guide for details.
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Write tests first (TDD)
- Commit your changes (
git commit -s -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Security: See SECURITY.md
See our Product Requirements Document for the complete roadmap. Key upcoming features:
- Grafana integration
- Auto-remediation framework
- ML-based storage predictions
- Multi-cluster support
- OpenShift/Kubernetes community
- TrueNAS Scale team
- democratic-csi project