heptio scanner 是一款k8s 集群状态的诊断工具,还是很方便的,但是有一点就是需要使用google 的镜像

参考地址

https://scanner.heptio.com/

部署

  • kubectl 部署说明
kubectl apply -f https://scanner.heptio.com/b5a7e2f93898098672771fb7d5877576/yaml/?rbac=no

yaml 定义文件

  • RBAC 模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount-heptio-sonobuoy

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: sonobuoy-serviceaccount

subjects:

- kind: ServiceAccount

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRole

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

rules:

- apiGroups:

  - '*'

  resources:

  - '*'

  verbs:

  - '*'

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 非 RBAC模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 等待诊断结果界面

说明

部署是通过可视化界面,查看诊断结果的,提供的token 就是标识对应的k8s集群,同时运行过程中有点慢

参考资料

https://github.com/heptio/sonobuoy
https://scanner.heptio.com/

 
 
 
 

heptio scanner kubernetes 集群诊断工具部署说明的更多相关文章

  1. kubernetes 集群的安装部署

    本文来自我的github pages博客http://galengao.github.io/ 即www.gaohuirong.cn 摘要: 首先kubernetes得官方文档我自己看着很乱,信息很少, ...

  2. Kubernetes集群管理工具kubectl命令技巧大全

    一. kubectl概述 Kubectl是用于控制Kubernetes集群的命令行工具,通过kubectl能够对集群本身进行管理,并能够在集群上进行容器化应用的安装部署. kubectl命令的语法如下 ...

  3. Kubernetes集群的安装部署

    此文参照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,并根据实操过程略作修改. 1.环境介绍及准备: 1.1 物理机操作系统 物理机操作 ...

  4. K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署

    Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...

  5. kube-liveboard: kubernetes集群可视化工具

    kube-liveboard 随着kubernetes 集群的增大,对于集群数据选取恰当的形式进行展示有助于直观反映集群的状态,方便发现集群的短板,了解集群的瓶颈.因此,笔者做了kube-livebo ...

  6. K8S从入门到放弃系列-(11)kubernetes集群网络Calico部署

    摘要: 前面几个篇幅,已经介绍master与node节点集群组件部署,由于K8S本身不支持网络,当 node 全部启动后,由于网络组件(CNI)未安装会显示为 NotReady 状态,需要借助第三方网 ...

  7. K8S从入门到放弃系列-(9)kubernetes集群之kubelet部署

    摘要: Kubelet组件运行在Node节点上,维持运行中的Pods以及提供kuberntes运行时环境,主要完成以下使命: 1.监视分配给该Node节点的pods 2.挂载pod所需要的volume ...

  8. K8S从入门到放弃系列-(5)kubernetes集群之kube-apiserver部署

    摘要: 1.kube-apiserver为是整个k8s集群中的数据总线和数据中心,提供了对集群的增删改查及watch等HTTP Rest接口 2.kube-apiserver是无状态的,虽然客户端如k ...

  9. Ubuntu下搭建Kubernetes集群(3)--k8s部署

    1. 关闭swap并关闭防火墙 首先,我们需要先关闭swap和防火墙,否则在安装Kubernetes时会导致不成功: # 临时关闭 swapoff -a # 编辑/etc/fstab,注释掉包含swa ...

随机推荐

  1. tfs 2017 使用

    安装完成之后,创建一个项目管理. 初始化代码库 然后下载代理 (服务器)并设置.下载代理需要FQ才可以下载成功. 想要支持 netcore2.0  必须在代理服务器上安装 vs2017 跟netcor ...

  2. 第六节 静态的(static)和单例模式

    main函数 主函数是一个特殊的函数,作为程序的入口,可以被jvm(虚拟器)调用 主函数的定义 public 表示该函数的访问权限是最大的. static 代表主函数随着类的加载就已经存在了. voi ...

  3. Fedora的一些个人配置

    0,老传统 yum install screenfetch 1,关闭蜂鸣器 edit /etc/bashrc setterm -blength 0#setterm -bfreq 10 #这个可以设置声 ...

  4. matlab中diff的用法

    若是diff(),括号里的元素为向量,那么前一个减后一个即为diff后的结果: 若diff(),括号里的元素为矩阵,那么下一行减上一行即为diff 后的结果:

  5. spoon 更新数据

    一个小需求,被要求使用spoon 来同步数据 主要流程为: 1.查询A库未同步数据 id 2.根据步骤1查到的id,作为条件更新B库数据 3.更新B库数据成功则更改库A中的数据状态为已同步. 4.添加 ...

  6. 实力封装:Unity打包AssetBundle(四)

    →→前情提要:窗口初现←← 让用户选择要打包的文件 时至今日,我们选择打包文件的方式依然是在Project面板或Hierarchy面板中用鼠标点选.现在既然有了窗口,我们自然希望可以将所有文件罗列在窗 ...

  7. mac下python2.7升级到3.6

    1. 前言 Mac系统自带python2.7,本文目的是将自带的python升级到3.6版本. 网上有本多的做法是让python2.7和python3.X两个版本共存,博主并不知道,是两版本共存好,还 ...

  8. 使用generator生成dao、mapping和model

    我们在ssm框架开发的时候(不限于此框架),为了开发效率.有时候不得不提高一下代码速度.千篇一律的事情谁都头疼,比如写dao,写model,写mapping等等.不仅慢,而且一不留神,还会出错. 今天 ...

  9. 利用itext生成pdf的简单例子

    一.itext简介 iText是著名的开放源码的站点sourceforge一个项目,是用于生成PDF文档的一个java类库.通过iText不仅可以生成PDF或rtf的文档,而且可以将XML.Html文 ...

  10. pycharm 永久解封

    第一步   c:\windows\system32\drivers\etc    命令行输入这个 第二步     把host文件复制到桌面 第三步   记事本打开host 第四步    在最下面添加  ...