Illustration for “GROOT 1.0 — stable archives for Kubernetes incidents”

GROOT 1.0 — stable archives for Kubernetes incidents


I have not published a note on this site since the container digest detective story in April. Most of my writing energy went into shipping and hardening open-source toolsGROOT, kzero, and the selfhosted repos that wrap them — rather than long-form posts here.

Today that work crossed a line worth writing down: GROOT v1.0.0.

What 1.0 means

GROOT is a read-only Go CLI for Kubernetes on-call: groot validate (RBAC and disk preflight), groot collect (parallel client-go capture into one .tar.gz), groot inspect (offline review without cluster access). It collects evidence; it does not pretend to diagnose.

Version 1.0.0 is the compatibility boundary: config_version: 1, archive_layout_version: 1, --output json on collect, SFTP known_hosts hardening, and the operator tooling that landed in 0.9.x (kubectl plugin, profiles, stable exit codes).

Read the full article on dev.to

The long-form post — comparison tables vs kubectl-gather and live tools, GROOT + kzero capture-before-reset, migration notes, and honest gaps — lives on DEV Community (canonical):

GROOT 1.0: One Stable Archive for Kubernetes Incidents

Follow-up to the earlier walkthrough: GROOT: One archive for cluster diagnostics.

Thank you for reading — here and on dev.to. If GROOT saves you a round of copy-paste on the next page, star the repo or open an issue with what your team collects that I have not thought of yet.