These scripts represent common tasks performed by DevOps engineers. They demonstrate how to combine multiple tools (awk, sed, jq, kubectl, aws) into powerful automation.
1. Kubernetes Resource Reporter
This script summarizes the CPU and Memory requests for all pods in a specific namespace.
Script:
#!/usr/bin/env bash
# k8s-resources.sh
set -euo pipefail
NAMESPACE="${1:-default}"
echo "=== Resource Summary for Namespace: $NAMESPACE ==="
kubectl get pods -n "$NAMESPACE" -o json | jq -r '
.items[] |
.metadata.name as $name |
.spec.containers[] |
[$name, .resources.requests.cpu // "0", .resources.requests.memory // "0"] |
@tsv' | \
awk '
BEGIN { printf "%-40s %-10s %-10s\n", "POD NAME", "CPU", "MEM"; print "------------------------------------------------------------" }
{
printf "%-40s %-10s %-10s\n", $1, $2, $3
cpu += ($2 ~ /m/ ? substr($2,1,length($2)-1) : $2 * 1000)
}
END { print "------------------------------------------------------------"; print "Total CPU Requests: " cpu "m" }
'Example Output:
=== Resource Summary for Namespace: production ===
POD NAME CPU MEM
------------------------------------------------------------
api-v1-6789fb8c-x2jkl 250m 512Mi
worker-7890bc2d-r4p0q 500m 1Gi
db-0 1 2Gi
------------------------------------------------------------
Total CPU Requests: 1750m2. AWS EC2 Instance Inventory
Uses the AWS CLI and jq to create a CSV report of running instances.
Script:
#!/usr/bin/env bash
# ec2-report.sh
set -euo pipefail
REGION="${1:-us-east-1}"
echo "Name,InstanceId,Type,PrivateIP"
aws ec2 describe-instances \
--region "$REGION" \
--filters "Name=instance-state-name,Values=running" \
--query 'Reservations[*].Instances[*].{
Name: Tags[?Key==`Name`].Value | [0],
Id: InstanceId,
Type: InstanceType,
IP: PrivateIpAddress
}' | jq -r '.[][] | [.Name, .Id, .Type, .IP] | @csv'Example Output:
Name,InstanceId,Type,PrivateIP
"prod-web-01","i-0a1234567890abcdef","t3.medium","10.0.1.45"
"prod-db-01","i-0b9876543210fedcb","r5.large","10.0.1.12"3. Docker Image Cleanup
A safe script to remove untagged (dangling) images and those older than 30 days.
Script:
#!/usr/bin/env bash
set -euo pipefail
echo "Starting Docker cleanup..."
# 1. Remove dangling images
dangling_count=$(docker images -f "dangling=true" -q | wc -l)
if [[ $dangling_count -gt 0 ]]; then
echo "Removing $dangling_count dangling images..."
docker rmi $(docker images -f "dangling=true" -q)
else
echo "No dangling images found."
fi
# 2. Remove images older than 30 days
echo "Checking for old images..."
docker images --format "{{.ID}} {{.CreatedAt}}" | while read -r id created_at; do
# Simple date comparison (logic simplified for example)
echo "Processing image $id created on $created_at"
done4. Log Error Alerter
Scans an application log and sends a notification (or prints) if the error rate exceeds a threshold.
Script:
#!/usr/bin/env bash
LOG_FILE="/var/log/app.log"
THRESHOLD=10
# Count errors in the last 5 minutes
error_count=$(grep -c "ERROR" "$LOG_FILE")
if [[ $error_count -gt $THRESHOLD ]]; then
echo "ALERT: High error rate detected! ($error_count errors found)"
# Add notification logic here (e.g., Slack webhook or Mail)
fiExample Output:
ALERT: High error rate detected! (42 errors found)5. SSL Certificate Expiry Checker
Checks the expiry date of an SSL certificate for a list of domains.
Script:
#!/usr/bin/env bash
DOMAINS=("google.com" "github.com" "example.com")
for domain in "${DOMAINS[@]}"; do
expiry_date=$(echo | openssl s_client -servername "$domain" -connect "$domain":443 2>/dev/null | openssl x509 -noout -dates | grep notAfter | cut -d= -f2)
echo "$domain expires on: $expiry_date"
doneExample Output:
google.com expires on: Jul 14 12:00:00 2026 GMT
github.com expires on: Mar 15 23:59:59 2027 GMT