heptio scanner 是一款k8s 集群状态的诊断工具,还是很方便的,但是有一点就是需要使用google 的镜像

参考地址

https://scanner.heptio.com/

部署

  • kubectl 部署说明
kubectl apply -f https://scanner.heptio.com/b5a7e2f93898098672771fb7d5877576/yaml/?rbac=no

yaml 定义文件

  • RBAC 模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount-heptio-sonobuoy

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: sonobuoy-serviceaccount

subjects:

- kind: ServiceAccount

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRole

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

rules:

- apiGroups:

  - '*'

  resources:

  - '*'

  verbs:

  - '*'

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 非 RBAC模式
---

apiVersion: v1

kind: Namespace

metadata:

  name: heptio-sonobuoy

---

apiVersion: v1

kind: ServiceAccount

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-serviceaccount

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  config.json: |

    {

      "Description": "sonobuoy run for scanner.heptio.com",

      "Version": "v0.11.4",

      "ResultsDir": "/tmp/sonobuoy",

      "Resources": [

        "Nodes",

        "ServerVersion"

      ],

      "Filters": {

        "Namespaces": ".*",

        "LabelSelector": ""

      },

      "Server": {

        "bindaddress":"0.0.0.0",

        "bindport":8080,

        "advertiseaddress":"",

        "timeoutseconds":8000

      },

      "Plugins": [

        {

          "name":"e2e"

        }

      ],

      "WorkerImage":"gcr.io/heptio-images/sonobuoy:latest",

      "ImagePullPolicy":"Always"

    }

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-config-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

data:

  e2e.yaml: |

    sonobuoy-config:

      driver: Job

      plugin-name: e2e

      result-type: e2e

    spec:

      env:

      - name: E2E_FOCUS

        value: '\[Conformance\]'

      command: ["/run_e2e.sh"]

      image: gcr.io/heptio-images/kube-conformance:latest

      imagePullPolicy: Always

      name: e2e

      volumeMounts:

      - mountPath: /tmp/results

        name: results

        readOnly: false

kind: ConfigMap

metadata:

  labels:

    component: sonobuoy

  name: sonobuoy-plugins-cm

  namespace: heptio-sonobuoy

---

apiVersion: v1

kind: Pod

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

    tier: analysis

  name: sonobuoy

  namespace: heptio-sonobuoy

spec:

  containers:

  - env:

    - name: SONOBUOY_ADVERTISE_IP

      valueFrom:

        fieldRef:

          fieldPath: status.podIP

    image: gcr.io/heptio-images/sonobuoy:v0.11.4

    imagePullPolicy: Always

    name: kube-sonobuoy

    volumeMounts:

    - mountPath: /etc/sonobuoy

      name: sonobuoy-config-volume

    - mountPath: /plugins.d

      name: sonobuoy-plugins-volume

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

  - env:

    - name: READ_RESULTS_DIR

      value: /tmp/sonobuoy

    - name: WRITE_RESULTS_DIR

      value: /tmp/forwarder

    - name: HEPTIO_TOKEN

      value: "b5a7e2f93898098672771fb7d5877576"

    - name: CLOUD_URL

      value: https://scanner.heptio.com

    image: gcr.io/heptio-images/scanner-forwarder:v0.0.4

    imagePullPolicy: Always

    name: forwarder

    volumeMounts:

    - mountPath: /tmp/sonobuoy

      name: sonobuoy-output

    - mountPath: /tmp/forwarder

      name: forwarder-output

  - env:

    - name: NAMESPACE

      valueFrom:

        fieldRef:

          fieldPath: metadata.namespace

    - name: READ_RESULTS_DIR

      value: /tmp/forwarder

    image: gcr.io/heptio-images/namespace-deleter:v0.0.1

    imagePullPolicy: Always

    name: cleanup

    volumeMounts:

    - mountPath: /tmp/forwarder

      name: forwarder-output

  restartPolicy: Never

  serviceAccountName: sonobuoy-serviceaccount

  volumes:

  - configMap:

      name: sonobuoy-config-cm

    name: sonobuoy-config-volume

  - configMap:

      name: sonobuoy-plugins-cm

    name: sonobuoy-plugins-volume

  - emptyDir: {}

    name: sonobuoy-output

  - emptyDir: {}

    name: forwarder-output

---

apiVersion: v1

kind: Service

metadata:

  labels:

    component: sonobuoy

    run: sonobuoy-master

  name: sonobuoy-master

  namespace: heptio-sonobuoy

spec:

  ports:

  - port: 8080

    protocol: TCP

    targetPort: 8080

  selector:

    run: sonobuoy-master

  type: ClusterIP
  • 等待诊断结果界面

说明

部署是通过可视化界面,查看诊断结果的,提供的token 就是标识对应的k8s集群,同时运行过程中有点慢

参考资料

https://github.com/heptio/sonobuoy
https://scanner.heptio.com/

 
 
 
 

heptio scanner kubernetes 集群诊断工具部署说明的更多相关文章

  1. kubernetes 集群的安装部署

    本文来自我的github pages博客http://galengao.github.io/ 即www.gaohuirong.cn 摘要: 首先kubernetes得官方文档我自己看着很乱,信息很少, ...

  2. Kubernetes集群管理工具kubectl命令技巧大全

    一. kubectl概述 Kubectl是用于控制Kubernetes集群的命令行工具,通过kubectl能够对集群本身进行管理,并能够在集群上进行容器化应用的安装部署. kubectl命令的语法如下 ...

  3. Kubernetes集群的安装部署

    此文参照https://www.cnblogs.com/zhenyuyaodidiao/p/6500830.html,并根据实操过程略作修改. 1.环境介绍及准备: 1.1 物理机操作系统 物理机操作 ...

  4. K8S从入门到放弃系列-(16)Kubernetes集群Prometheus-operator监控部署

    Prometheus Operator不同于Prometheus,Prometheus Operator是 CoreOS 开源的一套用于管理在 Kubernetes 集群上的 Prometheus 控 ...

  5. kube-liveboard: kubernetes集群可视化工具

    kube-liveboard 随着kubernetes 集群的增大,对于集群数据选取恰当的形式进行展示有助于直观反映集群的状态,方便发现集群的短板,了解集群的瓶颈.因此,笔者做了kube-livebo ...

  6. K8S从入门到放弃系列-(11)kubernetes集群网络Calico部署

    摘要: 前面几个篇幅,已经介绍master与node节点集群组件部署,由于K8S本身不支持网络,当 node 全部启动后,由于网络组件(CNI)未安装会显示为 NotReady 状态,需要借助第三方网 ...

  7. K8S从入门到放弃系列-(9)kubernetes集群之kubelet部署

    摘要: Kubelet组件运行在Node节点上,维持运行中的Pods以及提供kuberntes运行时环境,主要完成以下使命: 1.监视分配给该Node节点的pods 2.挂载pod所需要的volume ...

  8. K8S从入门到放弃系列-(5)kubernetes集群之kube-apiserver部署

    摘要: 1.kube-apiserver为是整个k8s集群中的数据总线和数据中心,提供了对集群的增删改查及watch等HTTP Rest接口 2.kube-apiserver是无状态的,虽然客户端如k ...

  9. Ubuntu下搭建Kubernetes集群(3)--k8s部署

    1. 关闭swap并关闭防火墙 首先,我们需要先关闭swap和防火墙,否则在安装Kubernetes时会导致不成功: # 临时关闭 swapoff -a # 编辑/etc/fstab,注释掉包含swa ...

随机推荐

  1. pragma comment的使用 pragma预处理指令详解

    pragma comment的使用 pragma预处理指令详解   #pragma comment( comment-type [,"commentstring"] ) 该宏放置一 ...

  2. python23的区别-日常记录

    1. xrange:python3 中取消了range函数,把python2中的xrange重新命名为range,所以在python3中直接用range就行. 2. print:python3中pri ...

  3. Java语法基础DayFive

    一.继承 1.格式:class 子类 extends 父类 2.好处:提高代码的复用性:让类与类之间产生了关系,是多态的前提. 3.弊端: (1)类的耦合性增强了,而开发的原则是高内聚,低耦合.内聚是 ...

  4. day 41 mysql 函数 事物

    mysql 函数 事务   mysql 中提供了许多内置函数 CHAR_LENGTH(str) 返回值为字符串str 的长度,长度的单位为字符.一个多字节字符算作一个单字符. 对于一个包含五个二字节字 ...

  5. Linux:软件包安装

    软件包安装 一.rpm安装 1.挂载系统:mount /dev/cdrom/ /mnt/cdrom/ 2.进入相应的目录(Centos7 为Packages,有一些是Server):cd /mnt/c ...

  6. VC下CString类型与int 、float等数据类型的相互转换

    一.常用转换 1. CString --> int转换 CString str("1234");    int i= _ttoi(str); 2. CString --> ...

  7. android 8.0 intent安装apk失败屏幕闪过

    需要做两处设置: 1.android8.0要加一条权限: <uses-permission android:name="android.permission.REQUEST_INSTA ...

  8. 配置JAVA 环境变量

    首先 下载好JDK后 打开环境变量配置 配置JAVA_HOME: C:\Program Files\Java\jdk1.8.0_144(也就是jdk下载后的文件夹)   之后配置PATH:这时用到%J ...

  9. TCP/IP协议的四个层及作用

  10. LeetCode--122、167、169、189、217 Array(Easy)

    122. Best Time to Buy and Sell Stock II Say you have an array for which the ith element is the price ...