heptio scanner kubernetes 集群诊断工具部署说明
heptio scanner 是一款k8s 集群状态的诊断工具,还是很方便的,但是有一点就是需要使用google 的镜像
参考地址
https://scanner.heptio.com/部署
- kubectl 部署说明
kubectl apply -f https://scanner.heptio.com/b5a7e2f93898098672771fb7d5877576/yaml/?rbac=noyaml 定义文件
- RBAC 模式
---
apiVersion: v1
kind: Namespace
metadata:
name: heptio-sonobuoy
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount
namespace: heptio-sonobuoy
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount-heptio-sonobuoy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: sonobuoy-serviceaccount
subjects:
- kind: ServiceAccount
name: sonobuoy-serviceaccount
namespace: heptio-sonobuoy
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
---
apiVersion: v1
data:
config.json: |
{
"Description": "sonobuoy run for scanner.heptio.com",
"Version": "v0.11.4",
"ResultsDir": "/tmp/sonobuoy",
"Resources": [
"Nodes",
"ServerVersion"
],
"Filters": {
"Namespaces": ".*",
"LabelSelector": ""
},
"Server": {
"bindaddress":"0.0.0.0",
"bindport":8080,
"advertiseaddress":"",
"timeoutseconds":8000
},
"Plugins": [
{
"name":"e2e"
}
],
"WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",
"ImagePullPolicy":"Always"
}
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-config-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
data:
e2e.yaml: |
sonobuoy-config:
driver: Job
plugin-name: e2e
result-type: e2e
spec:
env:
- name: E2E_FOCUS
value: '\[Conformance\]'
command: ["/run_e2e.sh"]
image: gcr.io/heptio-images/kube-conformance:latest
imagePullPolicy: Always
name: e2e
volumeMounts:
- mountPath: /tmp/results
name: results
readOnly: false
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-plugins-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
kind: Pod
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
tier: analysis
name: sonobuoy
namespace: heptio-sonobuoy
spec:
containers:
- env:
- name: SONOBUOY_ADVERTISE_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
image: gcr.io/heptio-images/sonobuoy:v0.11.4
imagePullPolicy: Always
name: kube-sonobuoy
volumeMounts:
- mountPath: /etc/sonobuoy
name: sonobuoy-config-volume
- mountPath: /plugins.d
name: sonobuoy-plugins-volume
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- env:
- name: READ_RESULTS_DIR
value: /tmp/sonobuoy
- name: WRITE_RESULTS_DIR
value: /tmp/forwarder
- name: HEPTIO_TOKEN
value: "b5a7e2f93898098672771fb7d5877576"
- name: CLOUD_URL
value: https://scanner.heptio.com
image: gcr.io/heptio-images/scanner-forwarder:v0.0.4
imagePullPolicy: Always
name: forwarder
volumeMounts:
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- mountPath: /tmp/forwarder
name: forwarder-output
- env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: READ_RESULTS_DIR
value: /tmp/forwarder
image: gcr.io/heptio-images/namespace-deleter:v0.0.1
imagePullPolicy: Always
name: cleanup
volumeMounts:
- mountPath: /tmp/forwarder
name: forwarder-output
restartPolicy: Never
serviceAccountName: sonobuoy-serviceaccount
volumes:
- configMap:
name: sonobuoy-config-cm
name: sonobuoy-config-volume
- configMap:
name: sonobuoy-plugins-cm
name: sonobuoy-plugins-volume
- emptyDir: {}
name: sonobuoy-output
- emptyDir: {}
name: forwarder-output
---
apiVersion: v1
kind: Service
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
name: sonobuoy-master
namespace: heptio-sonobuoy
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
run: sonobuoy-master
type: ClusterIP- 非 RBAC模式
---
apiVersion: v1
kind: Namespace
metadata:
name: heptio-sonobuoy
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount
namespace: heptio-sonobuoy
---
apiVersion: v1
data:
config.json: |
{
"Description": "sonobuoy run for scanner.heptio.com",
"Version": "v0.11.4",
"ResultsDir": "/tmp/sonobuoy",
"Resources": [
"Nodes",
"ServerVersion"
],
"Filters": {
"Namespaces": ".*",
"LabelSelector": ""
},
"Server": {
"bindaddress":"0.0.0.0",
"bindport":8080,
"advertiseaddress":"",
"timeoutseconds":8000
},
"Plugins": [
{
"name":"e2e"
}
],
"WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",
"ImagePullPolicy":"Always"
}
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-config-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
data:
e2e.yaml: |
sonobuoy-config:
driver: Job
plugin-name: e2e
result-type: e2e
spec:
env:
- name: E2E_FOCUS
value: '\[Conformance\]'
command: ["/run_e2e.sh"]
image: gcr.io/heptio-images/kube-conformance:latest
imagePullPolicy: Always
name: e2e
volumeMounts:
- mountPath: /tmp/results
name: results
readOnly: false
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-plugins-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
kind: Pod
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
tier: analysis
name: sonobuoy
namespace: heptio-sonobuoy
spec:
containers:
- env:
- name: SONOBUOY_ADVERTISE_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
image: gcr.io/heptio-images/sonobuoy:v0.11.4
imagePullPolicy: Always
name: kube-sonobuoy
volumeMounts:
- mountPath: /etc/sonobuoy
name: sonobuoy-config-volume
- mountPath: /plugins.d
name: sonobuoy-plugins-volume
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- env:
- name: READ_RESULTS_DIR
value: /tmp/sonobuoy
- name: WRITE_RESULTS_DIR
value: /tmp/forwarder
- name: HEPTIO_TOKEN
value: "b5a7e2f93898098672771fb7d5877576"
- name: CLOUD_URL
value: https://scanner.heptio.com
image: gcr.io/heptio-images/scanner-forwarder:v0.0.4
imagePullPolicy: Always
name: forwarder
volumeMounts:
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- mountPath: /tmp/forwarder
name: forwarder-output
- env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: READ_RESULTS_DIR
value: /tmp/forwarder
image: gcr.io/heptio-images/namespace-deleter:v0.0.1
imagePullPolicy: Always
name: cleanup
volumeMounts:
- mountPath: /tmp/forwarder
name: forwarder-output
restartPolicy: Never
serviceAccountName: sonobuoy-serviceaccount
volumes:
- configMap:
name: sonobuoy-config-cm
name: sonobuoy-config-volume
- configMap:
name: sonobuoy-plugins-cm
name: sonobuoy-plugins-volume
- emptyDir: {}
name: sonobuoy-output
- emptyDir: {}
name: forwarder-output
---
apiVersion: v1
kind: Service
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
name: sonobuoy-master
namespace: heptio-sonobuoy
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
run: sonobuoy-master
type: ClusterIP- 等待诊断结果界面
说明
部署是通过可视化界面,查看诊断结果的,提供的token 就是标识对应的k8s集群,同时运行过程中有点慢
参考资料
https://github.com/heptio/sonobuoy
https://scanner.heptio.com/
heptio scanner kubernetes 集群诊断工具部署说明的更多相关文章
- kubernetes 集群的安装部署
本文来自我的github pages博客http://galengao.github.io/ 即www.gaohuirong.cn 摘要: 首先kubernetes得官方文档我自己看着很乱,信息很少, ...
- Kubernetes集群管理工具kubectl命令技巧大全
一. kubectl概述 Kubectl是用于控制Kubernetes集群的命令行工具,通过kubectl能够对集群本身进行管理,并能够在集群上进行容器化应用的安装部署. kubectl命令的语法如下 ...
- Kubernetes集群的安装部署
此文参照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,并根据实操过程略作修改. 1.环境介绍及准备: 1.1 物理机操作系统 物理机操作 ...
- K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署
Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...
- kube-liveboard: kubernetes集群可视化工具
kube-liveboard 随着kubernetes 集群的增大,对于集群数据选取恰当的形式进行展示有助于直观反映集群的状态,方便发现集群的短板,了解集群的瓶颈.因此,笔者做了kube-livebo ...
- K8S从入门到放弃系列-(11)kubernetes集群网络Calico部署
摘要: 前面几个篇幅,已经介绍master与node节点集群组件部署,由于K8S本身不支持网络,当 node 全部启动后,由于网络组件(CNI)未安装会显示为 NotReady 状态,需要借助第三方网 ...
- K8S从入门到放弃系列-(9)kubernetes集群之kubelet部署
摘要: Kubelet组件运行在Node节点上,维持运行中的Pods以及提供kuberntes运行时环境,主要完成以下使命: 1.监视分配给该Node节点的pods 2.挂载pod所需要的volume ...
- K8S从入门到放弃系列-(5)kubernetes集群之kube-apiserver部署
摘要: 1.kube-apiserver为是整个k8s集群中的数据总线和数据中心,提供了对集群的增删改查及watch等HTTP Rest接口 2.kube-apiserver是无状态的,虽然客户端如k ...
- Ubuntu下搭建Kubernetes集群(3)--k8s部署
1. 关闭swap并关闭防火墙 首先,我们需要先关闭swap和防火墙,否则在安装Kubernetes时会导致不成功: # 临时关闭 swapoff -a # 编辑/etc/fstab,注释掉包含swa ...
随机推荐
- SQL-15 查找employees表所有emp_no为奇数,且last_name不为Mary的员工信息,并按照hire_date逆序排列
题目描述 查找employees表所有emp_no为奇数,且last_name不为Mary的员工信息,并按照hire_date逆序排列CREATE TABLE `employees` (`emp_no ...
- Oracle存储过程基础
http://blog.sina.com.cn/s/blog_67e424340100iyg1.html
- 20165326 java第四周学习笔记
第四周学习笔记 ch5 子类和父类 子类只能有一个父类 使用关键字extendsyclass 子类 extends 父类 系统默认的祖先类Object(java.lang包中) 继承:子类继承父类的方 ...
- ansible暂停模块
pause 在playbook执行的过程中暂停一定时间或者提示用户进行某些操作 常用参数: minutes:暂停多少分钟 seconds:暂停多少秒 prompt:打印一串信息提示用户操作 示例: - ...
- to linux
apt-get update // 更新 apt sudo apt-get install git // 安装git git clone git://github.com/yyuu/pyenv.git ...
- Spring+Tomcat的JNDI数据源连接池简单配置
使用Tomcat JNDI数据源与Spring一起使用步骤如下: 1.将数据库驱动复制到Tomcat的lib文件夹下面 2.配置Tomcat的server.xml配置文件,在GlobalNamingR ...
- cygwin 解压 tar.xz压缩包
今天第一次接触到Cygwin,啊,不懂Linux,, 解压分为三个步骤. 第一步,进入压缩包所在的文件目录: cd e:\ >(左边会弹出这个符号,我以为后面的解压要在这里写,其实不是,要再按一 ...
- Linux命令--1
之前一直在学习Linux,不过有点一天打鱼两天晒网的意味,现在希望通过写博客的形式,积累更多的知识,也希望可以帮到同在linux坑中的各位小伙伴们~ PS:我的笔记重点在于通俗,很多命令一百度就有,但 ...
- sequence to sequence模型
sequence to sequence模型是一类End-to-End的算法框架,也就是从序列到序列的转换模型框架,应用在机器翻译,自动应答等场景. Seq2Seq一般是通过Encoder-Decod ...
- 【转载】 5G+边缘计算,着眼可见的未来 【边缘计算】
原文地址: https://www.cnblogs.com/upyun/p/10641489.html ------------------------------------------------ ...