k8s and UI: Introduction to and Deployment of Scope

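Introduction to Scope

Scope is a dashboard-like UI system open-sourced by Weave for monitoring, visualizing, and managing Kubernetes clusters. It has the following four main features:

  • Real-time insight into your Docker containers.
  • Related details and deep links. It provides details such as container tags, metadata, and metrics, as well as CPU and memory indicators.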


  • Integrated container management. You can pause and stop containers, and a web shell is provided for working inside a container.


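  • Plugin mechanism. This is important: following the conventions, you can write whatever plugins you need. The official plugins are collected on GitHub.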

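Personally, I think two things are done well. The first is that Scope provides the service topology between containers, which makes it easy to see the call relationships.
The other is the scope-traffic-control plugin, which is used to control container traffic.
k8s itself only provides limits for CPU, memory, and storage. Until traffic control is officially supported, this plugin is a non-intrusive option. It is built on Linux tc. We will cover this plugin in a dedicated later post.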

Deploying Scope

Here is the YAML file directly:

apiVersion: v1
kind: List
items:
  - apiVersion: v1
    kind: Namespace
    metadata:
      name: weave
      annotations:
        cloud.weave.works/version: v1.0.0-44-gd0d2369
  - apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: weave-scope
      annotations:
        cloud.weave.works/launcher-info: |-
          {
            "original-request": {
              "url": "/k8s/scope.yaml?k8s-version=1.8.0",
              "date": "Sat Feb 24 2018 09:12:44 GMT+0000 (UTC)"
            },
            "email-address": "support@weave.works"
          }
      labels:
        name: weave-scope
      namespace: weave
  - apiVersion: rbac.authorization.k8s.io/v1beta1
    kind: ClusterRole
    metadata:
      name: weave-scope
      annotations:
        cloud.weave.works/launcher-info: |-
          {
            "original-request": {
              "url": "/k8s/scope.yaml?k8s-version=1.8.0",
              "date": "Sat Feb 24 2018 09:12:44 GMT+0000 (UTC)"
            },
            "email-address": "support@weave.works"
          }
      labels:
        name: weave-scope
      namespace: weave
    rules:
      - apiGroups:
          - '*'
        resources:
          - '*'
        verbs:
          - '*'
      - nonResourceURLs:
          - '*'
        verbs:
          - '*'
  - apiVersion: rbac.authorization.k8s.io/v1beta1
    kind: ClusterRoleBinding
    metadata:
      name: weave-scope
      annotations:
        cloud.weave.works/launcher-info: |-
          {
            "original-request": {
              "url": "/k8s/scope.yaml?k8s-version=1.8.0",
              "date": "Sat Feb 24 2018 09:12:44 GMT+0000 (UTC)"
            },
            "email-address": "support@weave.works"
          }
      labels:
        name: weave-scope
      namespace: weave
    roleRef:
      kind: ClusterRole
      name: weave-scope
      apiGroup: rbac.authorization.k8s.io
    subjects:
      - kind: ServiceAccount
        name: weave-scope
        namespace: weave
  - apiVersion: apps/v1beta1
    kind: Deployment
    metadata:
      name: weave-scope-app
      annotations:
        cloud.weave.works/launcher-info: |-
          {
            "original-request": {
              "url": "/k8s/scope.yaml?k8s-version=1.8.0",
              "date": "Sat Feb 24 2018 09:12:44 GMT+0000 (UTC)"
            },
            "email-address": "support@weave.works"
          }
      labels:
        name: weave-scope-app
        app: weave-scope
        weave-cloud-component: scope
        weave-scope-component: app
      namespace: weave
    spec:
      replicas: 1
      revisionHistoryLimit: 2
      template:
        metadata:
          labels:
            name: weave-scope-app
            app: weave-scope
            weave-cloud-component: scope
            weave-scope-component: app
        spec:
          containers:
            - name: app
              args:
                - '--no-probe'
                - '--weave=false'
              env: []
              image: 'registry.xxx.com/kubernetes/scope:1.7.3'
              imagePullPolicy: IfNotPresent
              ports:
                - containerPort: 4040
                  protocol: TCP
  - apiVersion: v1
    kind: Service
    metadata:
      name: weave-scope-app
      annotations:
        cloud.weave.works/launcher-info: |-
          {
            "original-request": {
              "url": "/k8s/scope.yaml?k8s-version=1.8.0",
              "date": "Sat Feb 24 2018 09:12:44 GMT+0000 (UTC)"
            },
            "email-address": "support@weave.works"
          }
      labels:
        name: weave-scope-app
        app: weave-scope
        weave-cloud-component: scope
        weave-scope-component: app
      namespace: weave
    spec:
      type: NodePort 
      ports:
        - name: app
          port: 80
          protocol: TCP
          targetPort: 4040
          nodePort: 32404
      selector:
        name: weave-scope-app
        app: weave-scope
        weave-cloud-component: scope
        weave-scope-component: app
  - apiVersion: extensions/v1beta1
    kind: DaemonSet
    metadata:
      name: weave-scope-agent
      annotations:
        cloud.weave.works/launcher-info: |-
          {
            "original-request": {
              "url": "/k8s/scope.yaml?k8s-version=1.8.0",
              "date": "Sat Feb 24 2018 09:12:44 GMT+0000 (UTC)"
            },
            "email-address": "support@weave.works"
          }
      labels:
        name: weave-scope-agent
        app: weave-scope
        weave-cloud-component: scope
        weave-scope-component: agent
      namespace: weave
    spec:
      template:
        metadata:
          labels:
            name: weave-scope-agent
            app: weave-scope
            weave-cloud-component: scope
            weave-scope-component: agent
        spec:
          containers:
            - name: scope-agent
              args:
                - '--no-app'
                - '--probe.docker.bridge=docker0'
                - '--probe.docker=true'
                - '--probe.kubernetes=true'
                - 'weave-scope-app.weave:80'
                - '--weave=false'
              env:
                - name: KUBERNETES_HOSTNAME
                  valueFrom:
                    fieldRef:
                      apiVersion: v1
                      fieldPath: spec.nodeName
              image: 'registry.xxx.com/kubernetes/scope:1.7.3'
              imagePullPolicy: IfNotPresent
              securityContext:
                privileged: true
              volumeMounts:
                - name: docker-socket
                  mountPath: /var/run/docker.sock
                - name: scope-plugins
                  mountPath: /var/run/scope/plugins
                - name: sys-kernel-debug
                  mountPath: /sys/kernel/debug
          dnsPolicy: ClusterFirstWithHostNet
          hostNetwork: true
          hostPID: true
          serviceAccountName: weave-scope
          tolerations:
            - effect: NoSchedule
              operator: Exists
          volumes:
            - name: docker-socket
              hostPath:
                path: /var/run/docker.sock
            - name: scope-plugins
              hostPath:
                path: /var/run/scope/plugins
            - name: sys-kernel-debug
              hostPath:
                path: /sys/kernel/debug
      updateStrategy:
        type: RollingUpdate
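  • Change the image source to a registry your own servers can pull from.
  • Scope does not provide login authentication, so it is not mapped to the external network through an Ingress. The service is exposed via NodePort and can be reached from the internal network. This is easy to change, of course: the whole interface is implemented with mux, so you only need to implement your own authentication middleware. That is follow-up work.
  • If your k8s version is not 1.8.0, you can fetch the YAML file with the following command:
curl -sL -o scope.yaml 'https://cloud.weave.works/k8s/scope.yaml?k8s-version=1.6.7'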
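
The authentication middleware suggested in the second bullet above, sketched as an added example (not code from the original post or from the Scope project). It uses only the Go standard library and the common func(http.Handler) http.Handler middleware shape; the wrapped handler, user name, and password are constructed placeholders.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// BasicAuth returns standard func(http.Handler) http.Handler middleware that
// rejects requests lacking the expected HTTP Basic credentials.
func BasicAuth(user, pass string) func(http.Handler) http.Handler {
	wantUser, wantPass := sha256.Sum256([]byte(user)), sha256.Sum256([]byte(pass))
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			u, p, ok := r.BasicAuth()
			gotUser, gotPass := sha256.Sum256([]byte(u)), sha256.Sum256([]byte(p))
			// Equal-length digests compared in constant time; both checks
			// always run, so timing does not reveal which field was wrong.
			userOK := subtle.ConstantTimeCompare(gotUser[:], wantUser[:])
			passOK := subtle.ConstantTimeCompare(gotPass[:], wantPass[:])
			if !ok || userOK&passOK != 1 {
				w.Header().Set("WWW-Authenticate", `Basic realm="scope"`)
				http.Error(w, "unauthorized", http.StatusUnauthorized)
				return
			}
			next.ServeHTTP(w, r)
		})
	}
}

// StatusFor sends one GET through h and returns the status code (empty user = no header).
func StatusFor(h http.Handler, user, pass string) int {
	req := httptest.NewRequest(http.MethodGet, "/", nil)
	if user != "" {
		req.SetBasicAuth(user, pass)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// Stand-in for the Scope app's router; credentials are constructed samples.
	ui := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "scope ui") })
	protected := BasicAuth("ops", "constructed-secret")(ui)
	fmt.Println(StatusFor(protected, "", ""), StatusFor(protected, "ops", "wrong"), StatusFor(protected, "ops", "constructed-secret"))
}
```

Basic credentials travel base64-encoded on every request, so the NodePort should only be reached over TLS or a trusted internal network when this is in place.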

Finally, a screenshot of the result:
[Image: Scope UI screenshot]

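Summary

Of course, for a commercial k8s cluster Scope is far from enough. For internal use, however, Scope is a good complement to the dashboard, and it can be extended to meet your own needs.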
