heptio scanner kubernetes 集群诊断工具部署说明
heptio scanner 是一款k8s 集群状态的诊断工具,还是很方便的,但是有一点就是需要使用google 的镜像
参考地址
https://scanner.heptio.com/部署
- kubectl 部署说明
kubectl apply -f https://scanner.heptio.com/b5a7e2f93898098672771fb7d5877576/yaml/?rbac=noyaml 定义文件
- RBAC 模式
---
apiVersion: v1
kind: Namespace
metadata:
name: heptio-sonobuoy
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount
namespace: heptio-sonobuoy
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount-heptio-sonobuoy
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: sonobuoy-serviceaccount
subjects:
- kind: ServiceAccount
name: sonobuoy-serviceaccount
namespace: heptio-sonobuoy
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
---
apiVersion: v1
data:
config.json: |
{
"Description": "sonobuoy run for scanner.heptio.com",
"Version": "v0.11.4",
"ResultsDir": "/tmp/sonobuoy",
"Resources": [
"Nodes",
"ServerVersion"
],
"Filters": {
"Namespaces": ".*",
"LabelSelector": ""
},
"Server": {
"bindaddress":"0.0.0.0",
"bindport":8080,
"advertiseaddress":"",
"timeoutseconds":8000
},
"Plugins": [
{
"name":"e2e"
}
],
"WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",
"ImagePullPolicy":"Always"
}
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-config-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
data:
e2e.yaml: |
sonobuoy-config:
driver: Job
plugin-name: e2e
result-type: e2e
spec:
env:
- name: E2E_FOCUS
value: '\[Conformance\]'
command: ["/run_e2e.sh"]
image: gcr.io/heptio-images/kube-conformance:latest
imagePullPolicy: Always
name: e2e
volumeMounts:
- mountPath: /tmp/results
name: results
readOnly: false
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-plugins-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
kind: Pod
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
tier: analysis
name: sonobuoy
namespace: heptio-sonobuoy
spec:
containers:
- env:
- name: SONOBUOY_ADVERTISE_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
image: gcr.io/heptio-images/sonobuoy:v0.11.4
imagePullPolicy: Always
name: kube-sonobuoy
volumeMounts:
- mountPath: /etc/sonobuoy
name: sonobuoy-config-volume
- mountPath: /plugins.d
name: sonobuoy-plugins-volume
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- env:
- name: READ_RESULTS_DIR
value: /tmp/sonobuoy
- name: WRITE_RESULTS_DIR
value: /tmp/forwarder
- name: HEPTIO_TOKEN
value: "b5a7e2f93898098672771fb7d5877576"
- name: CLOUD_URL
value: https://scanner.heptio.com
image: gcr.io/heptio-images/scanner-forwarder:v0.0.4
imagePullPolicy: Always
name: forwarder
volumeMounts:
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- mountPath: /tmp/forwarder
name: forwarder-output
- env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: READ_RESULTS_DIR
value: /tmp/forwarder
image: gcr.io/heptio-images/namespace-deleter:v0.0.1
imagePullPolicy: Always
name: cleanup
volumeMounts:
- mountPath: /tmp/forwarder
name: forwarder-output
restartPolicy: Never
serviceAccountName: sonobuoy-serviceaccount
volumes:
- configMap:
name: sonobuoy-config-cm
name: sonobuoy-config-volume
- configMap:
name: sonobuoy-plugins-cm
name: sonobuoy-plugins-volume
- emptyDir: {}
name: sonobuoy-output
- emptyDir: {}
name: forwarder-output
---
apiVersion: v1
kind: Service
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
name: sonobuoy-master
namespace: heptio-sonobuoy
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
run: sonobuoy-master
type: ClusterIP- 非 RBAC模式
---
apiVersion: v1
kind: Namespace
metadata:
name: heptio-sonobuoy
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
component: sonobuoy
name: sonobuoy-serviceaccount
namespace: heptio-sonobuoy
---
apiVersion: v1
data:
config.json: |
{
"Description": "sonobuoy run for scanner.heptio.com",
"Version": "v0.11.4",
"ResultsDir": "/tmp/sonobuoy",
"Resources": [
"Nodes",
"ServerVersion"
],
"Filters": {
"Namespaces": ".*",
"LabelSelector": ""
},
"Server": {
"bindaddress":"0.0.0.0",
"bindport":8080,
"advertiseaddress":"",
"timeoutseconds":8000
},
"Plugins": [
{
"name":"e2e"
}
],
"WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",
"ImagePullPolicy":"Always"
}
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-config-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
data:
e2e.yaml: |
sonobuoy-config:
driver: Job
plugin-name: e2e
result-type: e2e
spec:
env:
- name: E2E_FOCUS
value: '\[Conformance\]'
command: ["/run_e2e.sh"]
image: gcr.io/heptio-images/kube-conformance:latest
imagePullPolicy: Always
name: e2e
volumeMounts:
- mountPath: /tmp/results
name: results
readOnly: false
kind: ConfigMap
metadata:
labels:
component: sonobuoy
name: sonobuoy-plugins-cm
namespace: heptio-sonobuoy
---
apiVersion: v1
kind: Pod
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
tier: analysis
name: sonobuoy
namespace: heptio-sonobuoy
spec:
containers:
- env:
- name: SONOBUOY_ADVERTISE_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
image: gcr.io/heptio-images/sonobuoy:v0.11.4
imagePullPolicy: Always
name: kube-sonobuoy
volumeMounts:
- mountPath: /etc/sonobuoy
name: sonobuoy-config-volume
- mountPath: /plugins.d
name: sonobuoy-plugins-volume
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- env:
- name: READ_RESULTS_DIR
value: /tmp/sonobuoy
- name: WRITE_RESULTS_DIR
value: /tmp/forwarder
- name: HEPTIO_TOKEN
value: "b5a7e2f93898098672771fb7d5877576"
- name: CLOUD_URL
value: https://scanner.heptio.com
image: gcr.io/heptio-images/scanner-forwarder:v0.0.4
imagePullPolicy: Always
name: forwarder
volumeMounts:
- mountPath: /tmp/sonobuoy
name: sonobuoy-output
- mountPath: /tmp/forwarder
name: forwarder-output
- env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: READ_RESULTS_DIR
value: /tmp/forwarder
image: gcr.io/heptio-images/namespace-deleter:v0.0.1
imagePullPolicy: Always
name: cleanup
volumeMounts:
- mountPath: /tmp/forwarder
name: forwarder-output
restartPolicy: Never
serviceAccountName: sonobuoy-serviceaccount
volumes:
- configMap:
name: sonobuoy-config-cm
name: sonobuoy-config-volume
- configMap:
name: sonobuoy-plugins-cm
name: sonobuoy-plugins-volume
- emptyDir: {}
name: sonobuoy-output
- emptyDir: {}
name: forwarder-output
---
apiVersion: v1
kind: Service
metadata:
labels:
component: sonobuoy
run: sonobuoy-master
name: sonobuoy-master
namespace: heptio-sonobuoy
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
run: sonobuoy-master
type: ClusterIP- 等待诊断结果界面
说明
部署是通过可视化界面,查看诊断结果的,提供的token 就是标识对应的k8s集群,同时运行过程中有点慢
参考资料
https://github.com/heptio/sonobuoy
https://scanner.heptio.com/
heptio scanner kubernetes 集群诊断工具部署说明的更多相关文章
- kubernetes 集群的安装部署
本文来自我的github pages博客http://galengao.github.io/ 即www.gaohuirong.cn 摘要: 首先kubernetes得官方文档我自己看着很乱,信息很少, ...
- Kubernetes集群管理工具kubectl命令技巧大全
一. kubectl概述 Kubectl是用于控制Kubernetes集群的命令行工具,通过kubectl能够对集群本身进行管理,并能够在集群上进行容器化应用的安装部署. kubectl命令的语法如下 ...
- Kubernetes集群的安装部署
此文参照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,并根据实操过程略作修改. 1.环境介绍及准备: 1.1 物理机操作系统 物理机操作 ...
- K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署
Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...
- kube-liveboard: kubernetes集群可视化工具
kube-liveboard 随着kubernetes 集群的增大,对于集群数据选取恰当的形式进行展示有助于直观反映集群的状态,方便发现集群的短板,了解集群的瓶颈.因此,笔者做了kube-livebo ...
- K8S从入门到放弃系列-(11)kubernetes集群网络Calico部署
摘要: 前面几个篇幅,已经介绍master与node节点集群组件部署,由于K8S本身不支持网络,当 node 全部启动后,由于网络组件(CNI)未安装会显示为 NotReady 状态,需要借助第三方网 ...
- K8S从入门到放弃系列-(9)kubernetes集群之kubelet部署
摘要: Kubelet组件运行在Node节点上,维持运行中的Pods以及提供kuberntes运行时环境,主要完成以下使命: 1.监视分配给该Node节点的pods 2.挂载pod所需要的volume ...
- K8S从入门到放弃系列-(5)kubernetes集群之kube-apiserver部署
摘要: 1.kube-apiserver为是整个k8s集群中的数据总线和数据中心,提供了对集群的增删改查及watch等HTTP Rest接口 2.kube-apiserver是无状态的,虽然客户端如k ...
- Ubuntu下搭建Kubernetes集群(3)--k8s部署
1. 关闭swap并关闭防火墙 首先,我们需要先关闭swap和防火墙,否则在安装Kubernetes时会导致不成功: # 临时关闭 swapoff -a # 编辑/etc/fstab,注释掉包含swa ...
随机推荐
- Python实战之logging模块使用详解
用Python写代码的时候,在想看的地方写个print xx 就能在控制台上显示打印信息,这样子就能知道它是什么了,但是当我需要看大量的地方或者在一个文件中查看的时候,这时候print就不大方便了,所 ...
- MFC Release版本串口连不上的问题
项目开发过程中发现Release版本存在连接串口时,第一次开机后,出现连接不上的问题,但在Debug版本下正常:而且只要连接上一次,Release版本就能正常连接: 解决方案: 在串口配置过程中更改为 ...
- Spring接管JDBC
在Spring配置JDBC <?xml version="1.0" encoding="UTF-8"?> <beans xmlns=" ...
- matlab中diff的用法
若是diff(),括号里的元素为向量,那么前一个减后一个即为diff后的结果: 若diff(),括号里的元素为矩阵,那么下一行减上一行即为diff 后的结果:
- GNU C的定义长度为0的数组
在标准C和C++中,长度为0的数组是被禁止使用的.不过在GNU C中,存在一个非常奇怪的用法,那就是长度为0的数组,比如Array[0];很多人可能觉得不可思议,长度为0的数组是没有什么意义的,不过在 ...
- Day6作业及默写
1.使⽤循环打印以下效果: 1: * ** *** **** ***** for num in range(1,6): print('*' * num) 2: ***** **** *** ** * ...
- 四条命令快速在Ubuntu16.04上配置DNS服务器
1. apt install dnsmasq -y 2. vim /etc/dnsmasq.d/resolv.conf address=/xxx.yyy.com/21.xx.xx.x 3. servi ...
- HDU 6034 17多校1 Balala Power!(思维 排序)
Problem Description Talented Mr.Tang has n strings consisting of only lower case characters. He want ...
- MongoDb查询
1.对于时间,在java中不能模糊查询 @Query(value = "{'create_time': {'$gte': ?0},'ent_id':?1}") Page<St ...
- Too much thinking! Too much annoying.
I am now in great demand for an opportunity to yearn for, the ability to express myself, in a maximu ...