heptio scanner 是一款k8s 集群状态的诊断工具,还是很方便的,但是有一点就是需要使用google 的镜像

参考地址

https://scanner.heptio.com/

部署

  • kubectl 部署说明
kubectl apply -f https://scanner.heptio.com/b5a7e2f93898098672771fb7d5877576/yaml/?rbac=no

yaml 定义文件

  • RBAC 模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount-heptio-sonobuoy

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: sonobuoy-serviceaccount

subjects:

- kind: ServiceAccount

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRole

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

rules:

- apiGroups:

  - '*'

  resources:

  - '*'

  verbs:

  - '*'

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 非 RBAC模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 等待诊断结果界面

说明

部署是通过可视化界面,查看诊断结果的,提供的token 就是标识对应的k8s集群,同时运行过程中有点慢

参考资料

https://github.com/heptio/sonobuoy
https://scanner.heptio.com/

 
 
 
 

heptio scanner kubernetes 集群诊断工具部署说明的更多相关文章

  1. kubernetes 集群的安装部署

    本文来自我的github pages博客http://galengao.github.io/ 即www.gaohuirong.cn 摘要: 首先kubernetes得官方文档我自己看着很乱,信息很少, ...

  2. Kubernetes集群管理工具kubectl命令技巧大全

    一. kubectl概述 Kubectl是用于控制Kubernetes集群的命令行工具,通过kubectl能够对集群本身进行管理,并能够在集群上进行容器化应用的安装部署. kubectl命令的语法如下 ...

  3. Kubernetes集群的安装部署

    此文参照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,并根据实操过程略作修改. 1.环境介绍及准备: 1.1 物理机操作系统 物理机操作 ...

  4. K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署

    Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...

  5. kube-liveboard: kubernetes集群可视化工具

    kube-liveboard 随着kubernetes 集群的增大,对于集群数据选取恰当的形式进行展示有助于直观反映集群的状态,方便发现集群的短板,了解集群的瓶颈.因此,笔者做了kube-livebo ...

  6. K8S从入门到放弃系列-(11)kubernetes集群网络Calico部署

    摘要: 前面几个篇幅,已经介绍master与node节点集群组件部署,由于K8S本身不支持网络,当 node 全部启动后,由于网络组件(CNI)未安装会显示为 NotReady 状态,需要借助第三方网 ...

  7. K8S从入门到放弃系列-(9)kubernetes集群之kubelet部署

    摘要: Kubelet组件运行在Node节点上,维持运行中的Pods以及提供kuberntes运行时环境,主要完成以下使命: 1.监视分配给该Node节点的pods 2.挂载pod所需要的volume ...

  8. K8S从入门到放弃系列-(5)kubernetes集群之kube-apiserver部署

    摘要: 1.kube-apiserver为是整个k8s集群中的数据总线和数据中心,提供了对集群的增删改查及watch等HTTP Rest接口 2.kube-apiserver是无状态的,虽然客户端如k ...

  9. Ubuntu下搭建Kubernetes集群(3)--k8s部署

    1. 关闭swap并关闭防火墙 首先,我们需要先关闭swap和防火墙,否则在安装Kubernetes时会导致不成功: # 临时关闭 swapoff -a # 编辑/etc/fstab,注释掉包含swa ...

随机推荐

  1. VSTO:使用C#开发Excel、Word【5】

    <Visual Studio Tools for Office: Using C# with Excel, Word, Outlook, and InfoPath >——By Eric C ...

  2. 4.3 C++虚成员函数表vtable

    参考:http://www.weixueyuan.net/view/6372.html 总结: 在C++中通过虚成员函数表vtable实现多态,虚函数表中存储的是类中虚函数的入口地址. 使用多态会降低 ...

  3. 几种序列化与get、set方法的关系

    若get开头且第四个字母是大写的方法中有空指针异常时(无论有没有对应属性) 1.阿里巴巴的FastJson会出现空指针异常,证明与get开头的方法有关 2.Google的Gson不会出现异常,因为只和 ...

  4. jmeter中添加压力机

    在压测的时候,可能并发比较大,一台机子已经启动不了那么多并发了,这个时候就是有多台机子一起来并发,就要添加压力机 如何添加压力机呢: 1.其他电脑上也安装了jmeter,和其他电脑都能ping通当前电 ...

  5. wx小程序功能总结

    注:1. 微信默认的宽度为750rpx , 不会变化. 2.bindtap 绑定触摸事件,可冒泡 catchtap 绑定触摸事件,不可冒泡 1.唤出系统菜单 2.上传图片 showSelection( ...

  6. 如何通过创建切片器窗格节省PowerBI报告空间

    许多用户在使用Power BI的过程中,都会有这么一个困扰:在Power BI 开发中,切片器一旦过多就会占用非常多的空间.发生这种情况时,您显示数据的页面也会更加小.但另一方面,如果您没有切片器,报 ...

  7. idea 中新建Servlet

    本文转载自 :itellij idea创建javaWeb以及Servlet简单实现  一.创建并设置javaweb工程 1.创建javaweb工程File --> New --> Proj ...

  8. spark-streaming first insight

    一. Spark Streaming 构建在Spark core API之上,具备可伸缩,高吞吐,可容错的流处理模块. 1)支持多种数据源,如Kafka,Flume,Socket,文件等: Basic ...

  9. Buildroot lmbench使用方法

    /********************************************************************** * Buildroot lmbench使用方法 * 说明 ...

  10. HDU - 2892:area (圆与多边形交 求面积)

    pro:飞行员去轰炸一个小岛,给出炸弹落地点的位置信息,以及轰炸半径:按顺时针或者逆时针给出小岛的边界点. 求被轰炸的小岛面积. sol:即是求圆和多边形的面积交. (只会套板子的我改头换面,先理解然 ...