commit
16fdfe34cd
|
@ -32,7 +32,7 @@ NAME SEVERITY TIME MESSAGE
|
|||
scheduler Fatal 2020-11-27T17:09:59+08:00 Get http://127.0.0.1:10251/healthz: dial tcp 127.0.0.1:10251: connect: connection refused
|
||||
etcd-0 Fatal 2020-11-27T17:56:37+08:00 Get https://192.168.13.8:2379/health: dial tcp 192.168.13.8:2379: connect: connection refused
|
||||
|
||||
NAMESPACE SEVERITY NODENAME EVENTTIME REASON MESSAGE
|
||||
NAMESPACE SEVERITY PODNAME EVENTTIME REASON MESSAGE
|
||||
default Warning node3.164b53d23ea79fc7 2020-11-27T17:37:34+08:00 ContainerGCFailed rpc error: code = Unknown desc = Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
|
||||
default Warning node3.164b553ca5740aae 2020-11-27T18:03:31+08:00 FreeDiskSpaceFailed failed to garbage collect required amount of images. Wanted to free 5399374233 bytes, but freed 416077545 bytes
|
||||
default Warning nginx-b8ffcf679-q4n9v.16491643e6b68cd7 2020-11-27T17:09:24+08:00 Failed Error: ImagePullBackOff
|
||||
|
@ -54,6 +54,7 @@ insights-agent Warning cronjob-executor Job 2020-11-27T1
|
|||
kube-system Warning calico-kube-controllers Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing livenessProbeMissing]
|
||||
kube-system Warning coredns Deployment 2020-11-27T17:09:59+08:00 [cpuLimitsMissing]
|
||||
```
|
||||
> You can refer to the [FAQ](./docs/FAQ.md) content to optimize your cluster.
|
||||
|
||||
## What kubeye can do
|
||||
|
||||
|
@ -111,6 +112,7 @@ kube-system Warning coredns Deployment 2020-11-27T1
|
|||
| :white_check_mark: | PodDangerousCapabilities | You have the dangerous option in capabilities such as ALL/SYS_ADMIN/NET_ADMIN|
|
||||
| :white_check_mark: | PodlivenessProbeMissing | ReadinessProbe was not declared|
|
||||
| :white_check_mark: | privilegeEscalationAllowed | Privilege escalation is allowed|
|
||||
| | NodeNotReadyAndUseOfClosedNetworkConnection | http2-max-streams-per-connection |
|
||||
> unmarked items are under heavy development
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
The main purpose of this document is how to recover and eliminate the problem when you diagnose certain problems by executing the Kubeye command.
|
||||
|
||||
## Node-level issues
|
||||
|
||||
1. Container runtime not ready: RuntimeReady=false reason:DockerDaemonNotReady message:docker: failed to get docker version: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
|
||||
```
|
||||
Message: There is a problem with the docker service that causes the node NotReady.
|
||||
Solution Ideas:
|
||||
1. On the corresponding node, such as: systemctl status docker, see if the service is Running or exist?
|
||||
2. If it's not running, start it. such as: systemctl start docker.
|
||||
3. If it's not exist, it means that the corresponding node is reset and need to add node or delete node.
|
||||
4. If start fails, such as: journalctl -u docker -f, see detailed docker logs.
|
||||
```
|
||||
|
||||
## Pod-level issues
|
||||
|
||||
1. message: Error, ImagePullBackOff
|
||||
```
|
||||
Message: ImagePullBackOff
|
||||
Solution Ideas:
|
||||
1. kubectl describe pod -n <namespace> <podName>, such as: kubectl describe pod -n default nginx-b8ffcf679-q4n9v.16491643e6b68cd7, see event's log.
|
||||
2. Compare the pulled image with the actual one needed.
|
||||
3. Whether the pulled image exists in the mirror repositroy?
|
||||
4. Check the mirror repositroy or try pulling it manually on another node in the cluster to see if it succeeds.
|
||||
5. If another node can pull, check if the corresponding node is configured to pull the mirror repository trust source.
|
||||
```
|
||||
|
||||
## Best Practice issues
|
||||
|
||||
1. message: cpuLimitsMissing
|
||||
```
|
||||
Message: The CPU Limits parameter is not set at the corresponding pod resource
|
||||
Solution Ideas:
|
||||
Specific values refer to the actual application, such as,
|
||||
spec:
|
||||
containers:
|
||||
- image: nginx:latest
|
||||
resources:
|
||||
limits:
|
||||
cpu: 200m
|
||||
```
|
|
@ -99,7 +99,7 @@ func Cluster(configuration string, ctx context.Context, allInformation bool) err
|
|||
}
|
||||
|
||||
if len(clusterCheckResults) != 0 {
|
||||
fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tNODENAME\tEVENTTIME\tREASON\tMESSAGE")
|
||||
fmt.Fprintln(w, "\nNAMESPACE\tSEVERITY\tPODNAME\tEVENTTIME\tREASON\tMESSAGE")
|
||||
for _, clusterCheckResult := range clusterCheckResults {
|
||||
s := fmt.Sprintf("%s\t%s\t%s\t%s\t%s\t%-8v",
|
||||
clusterCheckResult.Namespace,
|
||||
|
|
Loading…
Reference in New Issue