Debug & Troubleshooting

Kubernetes调试和故障排除工具。

kubernetes-dashboard
lens
octant
weave scope
k9s

crictl

用于对node调试.

https://github.com/kubernetes-sigs/cri-tools

https://kubernetes.io/docs/tasks/debug/debug-cluster/crictl/

nerdctl

调试node。

https://github.com/containerd/nerdctl

telepresence

用于本地调试集群上的服务.

https://github.com/telepresenceio/telepresence

kubernetes-dashboard

https://github.com/kubernetes/dashboard

// 部署dashboard
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml

// check
$ kubectl -n kubernetes-dashboard get pods --watch

// 删除已安装的dashboard
$ kubectl delete ns kubernetes-dashboard

dashboard arguments

使用basic auth:

--enable-skip-login
--enable-insecure-login
--system-banner="Welcome to Kubernetes"
--authentication-mode="basic" // 默认是 token 登陆.

access control

kubeconfig
authorization header
token
basic

username/password login

access dashboard

本机访问

$ kubectl proxy
#> http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

远程访问

port-forward:

$ kubectl port-forward -n kubernetes-dashboard service/kubernetes-dashboard 8080:443 --address 0.0.0.0

nodePort:

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort
  ports:
    - port: 443
    targetPort: 8443
    nodePort: 30001
selector:
  k8s-app: kubernetes-dashboard

#> https://<node-ip>:30001

ingress:

#> https://<ingress-host>:<ingress-port>

metrics-server

kubectl top 命令依赖于 metrics-server。

https://github.com/kubernetes-sigs/metrics-server

参数:

--kubelet-preferred-address-types
--kubelet-insecure-tls
--requestheader-client-ca-file

部署:

# deploy 0.3.6
# 修改image为  registry.aliyuncs.com/google_containers/metrics-server-amd64:v0.3.6
$ kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml