heptio scanner 是一款k8s 集群状态的诊断工具,还是很方便的,但是有一点就是需要使用google 的镜像

参考地址

https://scanner.heptio.com/

部署

  • kubectl 部署说明
kubectl apply -f https://scanner.heptio.com/b5a7e2f93898098672771fb7d5877576/yaml/?rbac=no

yaml 定义文件

  • RBAC 模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount-heptio-sonobuoy

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: sonobuoy-serviceaccount

subjects:

- kind: ServiceAccount

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRole

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

rules:

- apiGroups:

  - '*'

  resources:

  - '*'

  verbs:

  - '*'

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 非 RBAC模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 等待诊断结果界面

说明

部署是通过可视化界面,查看诊断结果的,提供的token 就是标识对应的k8s集群,同时运行过程中有点慢

参考资料

https://github.com/heptio/sonobuoy
https://scanner.heptio.com/

 
 
 
 

heptio scanner kubernetes 集群诊断工具部署说明的更多相关文章

  1. kubernetes 集群的安装部署

    本文来自我的github pages博客http://galengao.github.io/ 即www.gaohuirong.cn 摘要: 首先kubernetes得官方文档我自己看着很乱,信息很少, ...

  2. Kubernetes集群管理工具kubectl命令技巧大全

    一. kubectl概述 Kubectl是用于控制Kubernetes集群的命令行工具,通过kubectl能够对集群本身进行管理,并能够在集群上进行容器化应用的安装部署. kubectl命令的语法如下 ...

  3. Kubernetes集群的安装部署

    此文参照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,并根据实操过程略作修改. 1.环境介绍及准备: 1.1 物理机操作系统 物理机操作 ...

  4. K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署

    Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...

  5. kube-liveboard: kubernetes集群可视化工具

    kube-liveboard 随着kubernetes 集群的增大,对于集群数据选取恰当的形式进行展示有助于直观反映集群的状态,方便发现集群的短板,了解集群的瓶颈.因此,笔者做了kube-livebo ...

  6. K8S从入门到放弃系列-(11)kubernetes集群网络Calico部署

    摘要: 前面几个篇幅,已经介绍master与node节点集群组件部署,由于K8S本身不支持网络,当 node 全部启动后,由于网络组件(CNI)未安装会显示为 NotReady 状态,需要借助第三方网 ...

  7. K8S从入门到放弃系列-(9)kubernetes集群之kubelet部署

    摘要: Kubelet组件运行在Node节点上,维持运行中的Pods以及提供kuberntes运行时环境,主要完成以下使命: 1.监视分配给该Node节点的pods 2.挂载pod所需要的volume ...

  8. K8S从入门到放弃系列-(5)kubernetes集群之kube-apiserver部署

    摘要: 1.kube-apiserver为是整个k8s集群中的数据总线和数据中心,提供了对集群的增删改查及watch等HTTP Rest接口 2.kube-apiserver是无状态的,虽然客户端如k ...

  9. Ubuntu下搭建Kubernetes集群(3)--k8s部署

    1. 关闭swap并关闭防火墙 首先,我们需要先关闭swap和防火墙,否则在安装Kubernetes时会导致不成功: # 临时关闭 swapoff -a # 编辑/etc/fstab,注释掉包含swa ...

随机推荐

  1. selenium登录界面,创建表单并填写提交

    #! python3 # -*- coding:utf8 -*- # https://selenium-python.readthedocs.io/api.html#selenium.webdrive ...

  2. 网页的MVC模式简介

    #! /usr/bin/env python3 # -*- coding:utf-8 -*- #MVC:Model-View-Controller 模型-视图-控制器 #Python处理URL的函数就 ...

  3. Oracle创建database link(dblink)和同义词(synonym)

    同一个数据库不同用户之间建立dblink和synonym 1.建立dblink 实现在A用户下通过dblink访问B用户下的数据库表,需要在A用户下创建访问B库的dblink连接 --创建远程连接db ...

  4. 4.Python爬虫入门四之Urllib库的高级用法

    1.设置Headers 有些网站不会同意程序直接用上面的方式进行访问,如果识别有问题,那么站点根本不会响应,所以为了完全模拟浏览器的工作,我们需要设置一些Headers 的属性. 首先,打开我们的浏览 ...

  5. <Redis Advance><Pipelining><Memory Optimization><Expire><Transactions>

    Overview About Redis pipelining About Redis memory optimization About Redis expire About Redis trans ...

  6. git 实现提交远程分支步骤

    git clone git branch [分支名] 创建分支 git branch 查看本地所有分支 git checkout [分支名称] 切换分支 ---写代码--- git status (查 ...

  7. Java学习笔记13(equals()方法;toString()方法)

    equals()方法: equals方法是Object类中的方法:Object是所有类的祖宗,所以所有类都有equals()方法: boolean equals(Object obj); equals ...

  8. python day05--字典

    一.字典结构 {key:valu} 注意: key必须是不可变(可哈希)的. value没有要求.可以保存任意类型的数据. dic = {123: 456, True: 999, "id&q ...

  9. 微信公众号开发遇到simplexml_load_string 未定义

    1.Go to /etc/php/7.0/fpm and edit php.ini 取消注释:     extension=php_xmlrpc.dll 2. sudo apt-get update ...

  10. Java 继承extends、关键字super和this、多态、动态绑定

    Manager 经理  extends Employee 雇员 "is-a"(是)关系是继承的一个明显特征.每个经理都是一名雇员. 从术语的角度讲,Manager是子类,Emplo ...