クベエ
v1.0.2 ?
英語 | 中国語
KubeEye は、Kubernetes 用に特別に設計されたクラウドネイティブのクラスター検査ツールで、カスタム ルールに基づいて Kubernetes クラスター内の問題とリスクを特定できます。
リリースからインストール パッケージをダウンロードします。これには、Helm チャート、デモ ルール、オフライン インストール用のイメージが含まれています。
VERSION=v1.0.0
wget https://github.com/kubesphere/kubeeye/releases/download/ ${VERSION} /kubeeye-offline- ${VERSION} .tar.gz
tar -zxvf kubeeye-offline- ${VERSION} .tar.gz
cd kubeeye-offline- ${VERSION}
# offline installation, please import the images in the 'images' folder into the local container repository yourself and modify the images repo in `chart/kubeeye/values.yaml`.
helm upgrade --install kubeeye chart/kubeeye -n kubeeye-system --create-namespace
インストール パッケージ内の
rule
ディレクトリには、特定のニーズに応じてカスタマイズできるデモ ルールが用意されています。
注意: Prometheus ルールには、事前に Prometheus のエンドポイントを設定する必要があります。
kubectl apply -f rule
オンデマンドで検査計画を構成します。
cat > plan.yaml << EOF
apiVersion: kubeeye.kubesphere.io/v1alpha2
kind: InspectPlan
metadata:
name: inspectplan
spec:
# The planned time for executing inspections only supports cron expressions. For example, '*/30 * * * ?' means that the inspection will be performed every 30 minutes.'
# If only a single inspection is required, then remove this parameter.
schedule: "*/30 * * * ?"
# The maximum number of retained inspection results, if not filled in, will retain all.
maxTasks: 10
# Should the inspection plan be paused, applicable only to periodic inspections, true or false (default is false).
suspend: false
# Inspection timeout, default 10 minutes.
timeout: 10m
# Inspection rule list, used to associate corresponding inspection rules, please fill in the inspectRule name.
# Execute ` kubectl get inspectrule ` to view the inspection rules in the cluster.
ruleNames:
- name: inspect-rule-filter-file
- name: inspect-rule-node-info
- name: inspect-rule-node
- name: inspect-rule-sbnormalpodstatus
- name: inspect-rule-deployment
- name: inspect-rule-sysctl
- name: inspect-rule-prometheus
- name: inspect-rule-filechange
- name: inspect-rule-systemd
# nodeName: master
# nodeSelector:
# node-role.kubernetes.io/master: ""
# Multi-cluster inspection (currently only supports multi-cluster inspection in KubeSphere)
# clusterName:
# - name: host
EOF
kubectl apply -f plan.yaml
# View the name of the inspection result for inspection report download.
kubectl get inspectresult
# # Get the address and port of kubeeye-apiserver service.
kubectl get svc -n kubeeye-system kubeeye-apiserver -o custom-columns=CLUSTER-IP:.spec.clusterIP,PORT:.spec.ports[ * ].port
# # Download the inspection report, and please replace <> with the actual information obtained from the environment.
curl http:// < svc-ip > :9090/kapis/kubeeye.kubesphere.io/v1alpha2/inspectresults/ < result name > ? type = html -o inspectReport.html
# # After downloading, you can use a browser to open the HTML file for viewing.
# # Create a nodePort type svc for kubeeye-apiserver.
kubectl -n kubeeye-system expose deploy kubeeye-apiserver --port=9090 --type=NodePort --name=ke-apiserver-node-port
# # Enter the inspection report URL in the browser to view, and remember to replace <> with the actual information obtained from the environment.
http:// < node address > : < node port > /kapis/kubeeye.kubesphere.io/v1alpha2/inspectresults/ < result name > ? type=html