# \[NHN Cloud] NHN Kubernetes Service(NKS) 관리용 OpenSource 설치 방법 {% hint style="info" %} **2022년 NHN Cloud ****무료**** 교육일정** : {% endhint %} {% hint style="info" %} **NHN Cloud ****사용자 가이드** : {% endhint %} {% hint style="warning" %} **2022년 NHN Cloud ****행사/프로모션**** 정보 공유** : {% endhint %} ## 1. Kubebox > Kubernetes 용 터미널 과 웹 콘솔을 제공하는 Kubebox 입니다. ### 1.1 Kubebox Features > * ✓ Configuration from *kubeconfig* files (`KUBECONFIG` environment variable or `$HOME/.kube`) > * ✓ Switch contexts interactively > * ✓ [Authentication support](https://github.com/astefanutti/kubebox#authentication) (bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digital Ocean) > * ✓ Namespace selection and pods list watching > * ✓ Container log scrolling / watching > * ✓ Container resources usage (memory, CPU, network, file system charts) \[[1](https://github.com/astefanutti/kubebox#_footnotedef_1)] > * ✓ Container remote exec terminal > * ✓ Cluster, namespace, pod events > * ❏ Object configuration editor and CRUD operations > * ❏ Cluster and nodes views / monitoring ### 1.2 Kubebox Terminal Console Install #### 1.2.1 Kubebox Install > 원격 접속 후 터미널로 실행이 가능하며 이를 권장 함. {% code title="Ubuntu 20.04 에 Kubebox 설치 및 실행" %} ```bash # Kubebox 파일 다운로드 및 실행 권한 $ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-linux && chmod +x kubebox % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 619 100 619 0 0 2292 0 --:--:-- --:--:-- --:--:-- 2284 100 11.8M 100 11.8M 0 0 5401k 0 0:00:02 0:00:02 --:--:-- 10.1M # /usr/local/bin 폴더로 이동 $ sudo mv kubebox /usr/local/bin/ # Resources(Memory/Cpu/Net/FS) 를 보기 위해 cadvisor.yaml 실행 $ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml namespace/cadvisor created serviceaccount/cadvisor created podsecuritypolicy.policy/cadvisor unchanged clusterrole.rbac.authorization.k8s.io/cadvisor unchanged clusterrolebinding.rbac.authorization.k8s.io/cadvisor unchanged daemonset.apps/cadvisor created # 실행 $ kubebox ``` {% endcode %} #### 1.2.2 Kubebox Terminal Console 실행 화면 ![그림. Kubebox Terminal Console 접속 화면 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4CARFC5cOTiLaUVn8%2Fimage.png?alt=media\&token=0f895fc0-f747-4259-90b9-a3edfe6ea793) ![그림. Kubebox 접속 후 pod 로그 및 Resources 현황 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4IZrEMGT-iw-p7SSP%2Fimage.png?alt=media\&token=1daec0b5-9fe0-4493-9b8a-e17ccdde088f) ![그림. Kubebox 접속 후 pod 로 원격 쉘 접근 화면 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4Iy5NVOTEYyJD5Gp-%2Fimage.png?alt=media\&token=16a3eec6-eeb8-407c-9702-ac2d8fa995d0) ![그림. Kubebox 접속 후 Pod 의 Events Cluster 의 상세 로그 현황 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4JNwQMMvTrErXsXpA%2Fimage.png?alt=media\&token=faa00004-ba6e-40fc-8d1e-972d72bfca3f) #### 1.2.3 Kubebox Download & Executable > Download the Kubebox standalone executable for your OS: > > ``` > # Linux (x86_64) > $ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-linux && chmod +x kubebox > > # Linux (ARMv7) > $ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-linux-arm && chmod +x kubebox > > # OSX > $ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-macos && chmod +x kubebox > > # Windows > $ curl -Lo kubebox.exe https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-windows.exe > ``` ### 1.3 Kubebox Web Console Install > Kubebox Web Console 접속 할 때 비밀번호 없이 접속이 가능하며 이를 ***제한*** 하여야 함. {% code title="Kubebox Web Console 실행 방법 # 웹 콘솔 접속 시 ID/Pass 없으며 웹 쉘의 IP 접근 제한을 하여야 함. " %} ```bash # Kubebox pod 실행 $ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/kubernetes.yaml x/master/kubernetes.yaml namespace/kubebox created service/kubebox created ingress.networking.k8s.io/kubebox created deployment.apps/kubebox created serviceaccount/kubebox created clusterrolebinding.rbac.authorization.k8s.io/kubebox created clusterrole.rbac.authorization.k8s.io/kubebox created # Resources(Memory/Cpu/Net/FS) 를 보기 위해 cadvisor.yaml 실행 $ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml namespace/cadvisor created serviceaccount/cadvisor created podsecuritypolicy.policy/cadvisor unchanged clusterrole.rbac.authorization.k8s.io/cadvisor unchanged clusterrolebinding.rbac.authorization.k8s.io/cadvisor unchanged daemonset.apps/cadvisor created # Kubebox pod 정보 확인 $ kubectl get pod --namespace kubebox -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kubebox-8c8b4b7b-wh4dv 1/1 Running 0 100s 10.100.2.5 kube-test-default-w-ely36nnk7fog-node-1 # Kubebox Service 확인 $ kubectl get svc --all-namespaces NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kubernetes ClusterIP 10.254.0.1 443/TCP 33m kube-system dashboard-metrics-scraper ClusterIP 10.254.190.192 8000/TCP 33m kube-system kube-dns ClusterIP 10.254.0.10 53/UDP,53/TCP,9153/TCP 33m kube-system kubernetes-dashboard ClusterIP 10.254.169.196 443/TCP 33m kube-system metrics-server ClusterIP 10.254.232.10 443/TCP 33m kubebox kubebox ClusterIP 10.254.236.84 8080/TCP 6m31s # Kubebox LoadBalancer 등록 $ kubectl -n kubebox patch svc/kubebox -p '{"spec":{"type":"LoadBalancer"}}' service/kubebox patched # Kubebox service $ kubectl get svc --all-namespaces NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kubernetes ClusterIP 10.254.0.1 443/TCP 36m kube-system dashboard-metrics-scraper ClusterIP 10.254.190.192 8000/TCP 35m kube-system kube-dns ClusterIP 10.254.0.10 53/UDP,53/TCP,9153/TCP 35m kube-system kubernetes-dashboard ClusterIP 10.254.169.196 443/TCP 35m kube-system metrics-server ClusterIP 10.254.232.10 443/TCP 35m kubebox kubebox LoadBalancer 10.254.236.84 133.186.155.190 8080:30130/TCP 8m55s # cadvisor namespace 삭제 $ kubectl delete namespace cadvisor namespace "cadvisor" deleted # Kubebox namespace 삭제 $ kubectl delete namespace kubebox namespace "kubebox" deleted ``` {% endcode %} #### 1.3.1 Kubebox Web Console 실행 화면 ![그림. Kubebox Web Console 접속 화면 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4IH_Br2GVx73S-7-e%2Fimage.png?alt=media\&token=a2d1d3f8-f6ef-46af-95a6-a2391aa9a58b) ![그림. Kubebox 접속 후 pod 로그 및 Resources 현황 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4Ig7BAZ2zjteCZb0h%2Fimage.png?alt=media\&token=642ca7e8-13e6-42d8-9b08-3a1b13eca11b) ![그림. Kubebox 접속 후 pod 로 원격 쉘 접근 화면 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4J42RKQ0Al6YYy7UH%2Fimage.png?alt=media\&token=31d45149-5db5-46bb-8ff4-ab0a78d680ea) ![그림. Kubebox 접속 후 Pod 의 Events Cluster 의 상세 로그 현황 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb48frM9PxspD_YM1wX%2F-Mb4JU-oHePpk7Qw2Pxo%2Fimage.png?alt=media\&token=db2797a1-9eb5-4ecf-be50-1843daf7d4a6) ### 1.4 Kubebox Development ```bash $ git clone https://github.com/astefanutti/kubebox.git $ cd kubebox $ npm install $ node index.js ``` ### 1.5 Kubebox Hotkeys | | Keybinding | Description | | --------- | ------------------------------------------- | ------------------------------------------------------------------ | | *General* | l, Ctrl+l | Login | | | n | Change current namespace | | |

\[Shift+]←, →

\[Alt+]1, …​, 9

| Navigate screens (use Shift or Alt inside exec terminal) | | | Tab, Shift+Tab | Change focus within the active screen | | | ↑, ↓ | Navigate list / form / log | | | PgUp, PgDn | Move one page up / down | | | Enter | Select item / submit form | | | Esc | Close modal window / cancel form | | | Ctrl+z | Close current screen | | | q, Ctrl+q | Exit \[[3](https://github.com/astefanutti/kubebox#_footnotedef_3)] | | *Login* | ←, → | Navigate Kube configurations | | *Pods* | Enter | Select pod / cycle containers | | | r | Remote shell into container | | | m | Memory usage | | | c | CPU usage | | | t | Network usage | | | f | File system usage | | | e | Pod events | | | Shift+e | Namespace events | | | Ctrl+e | Cluster events | ### 1.6 Authentication > We try to support the various authentication strategies supported by `kubectl`, in order to provide seamless integration with your local setup. Here are the different authentication strategies we support, depending on how you’re using Kubebox: | | Executable | Docker | Online | | ------------------------ | ---------- | ------ | --------------------------------------------------------------------------------------- | | OpenID Connect | ✔️ | ✔️ | ✔️\[[2](https://github.com/astefanutti/kubebox/blob/master/README.adoc#_footnotedef_2)] | | Amazon EKS | ✔️ | | | | Digital Ocean | ✔️ | | | | Google Kubernetes Engine | ✔️ | | | > If the mode you’re using isn’t supported, you can refresh the authentication token/certs manually and update your *kubeconfig* file accordingly. ### 1.7 cAdvisor > Kubebox relies on [cAdvisor](https://github.com/google/cadvisor) to retrieve the resource usage metrics. Before version 0.8.0, Kubebox used to access the cAdvisor endpoints, that are embedded in the *Kubelet*. However, these endpoints are being deprecated, and will eventually be removed, as discussed in [kubernetes#68522](https://github.com/kubernetes/kubernetes/issues/68522). > > Starting version 0.8.0, Kubebox expects cAdvisor to be deployed as a [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/). This can be achieved with: > > ```bash > $ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml > ``` > > It’s recommended to use the provided `cadvisor.yaml` file, that’s tested to work with Kubebox. However, the DaemonSet example, from the [cAdvisor](https://github.com/google/cadvisor) project, should also work just fine. Note that the cAdvisor containers must run with a *privileged* security context, so that they can access the container runtime on each node. > > You can change the default `--storage_duration` and `--housekeeping_interval` options, added to the cAdvisor container arguments declared in the `cadvisor.yaml` file, to adjust the duration of the storage moving window (default to `5m0s`), and the sampling period (default to `10s`) respectively. You may also have to provide the path of your cluster container runtime socket, in case it’s not following the usual convention. ### 1.8 FAQ > * ***Resources usage metrics are unavailable!*** > * Starting version 0.8.0, Kubebox expects [cAdvisor](https://github.com/google/cadvisor) to be deployed as a DaemonSet. See the [cAdvisor](https://github.com/astefanutti/kubebox#cadvisor) section for more details; > * The metrics are retrieved from the REST API, of the cAdvisor pod running on the same node as the container for which the metrics are being requested. That REST API is accessed via the API server proxy, which requires proper RBAC permission, e.g.: > > ``` > # Permission to list the cAdvisor pods (selected using the `spec.nodeName` field selector) > $ kubectl auth can-i list pods -n cadvisor > yes > # Permission to proxy the selected cAdvisor pod, to call its REST API > $ kubectl auth can-i get pod --subresource proxy -n cadvisor > yes > ``` ### 1.9 출처 : ## 2. Kubernetes Operational View > Kubernetes Operational View? > > Goal: provide a common operational picture for multiple Kubernetes clusters. > > * Render nodes and indicate their overall status ("Ready") > * Show node capacity and resource usage (CPU, memory) > * Render one "box" per CPU and fill up to sum of pod CPU requests/usage > * Render vertical bar for total memory and fill up to sum of pod memory requests/usage > * Render individual pods > * Indicate pod status by border line color (green: ready/running, yellow: pending, red: error etc) > * Show current CPU/memory usage (gathered from Heapster) by small vertical bars > * System pods ("kube-system" namespace) will be grouped together at the bottom > * Provide tooltip information for nodes and pods > * Animate pod creation and termination > What it is not: > > * It's not a replacement for the [Kubernetes Dashboard](https://github.com/kubernetes/dashboard). The Kubernetes Dashboard is a general purpose UI which allows managing applications. > * It's not a monitoring solution. Use your preferred monitoring system to alert on production issues. > * It's not a operation management tool. Kubernetes Operational View does not allow interacting with the actual cluster. ### 2.1 Kubernetes Operational View Install {% code title="Kubernetes Operational View 다운로드 및 실행 방법" %} ```bash # Kubernetes Operational View 소스 파일 다운로드 $ git clone https://codeberg.org/hjacobs/kube-ops-view.git Cloning into 'kube-ops-view'... remote: Enumerating objects: 1970, done. remote: Counting objects: 100% (1970/1970), done. remote: Compressing objects: 100% (766/766), done. remote: Total 1970 (delta 1340), reused 1702 (delta 1162), pack-reused 0 Receiving objects: 100% (1970/1970), 1.11 MiB | 825.00 KiB/s, done. Resolving deltas: 100% (1340/1340), done. # 소스 파일 다운로드 $ ls kube-ops-view # deploy 폴더에 yaml 파일 확인 $ cd kube-ops-view/deploy/ $ ls deployment.yaml kustomization.yaml rbac.yaml redis-deployment.yaml redis-service.yaml service.yaml # service.yaml 파일에 LoadBalancer IP 할당 $ vi service.yaml type: ClusterIP ==> type: LoadBalancer # Kubernetes Operational View Service 실행 $ kubectl apply -k . serviceaccount/kube-ops-view created clusterrole.rbac.authorization.k8s.io/kube-ops-view created clusterrolebinding.rbac.authorization.k8s.io/kube-ops-view created service/kube-ops-view-redis created service/kube-ops-view created deployment.apps/kube-ops-view-redis created deployment.apps/kube-ops-view created # Kubernetes Operational View Service 실행 확인 $ kubectl get svc --all-namespaces NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kube-ops-view LoadBalancer 10.254.81.99 133.186.244.48 80:31174/TCP 75s default kube-ops-view-redis ClusterIP 10.254.60.234 6379/TCP 109s default kubernetes ClusterIP 10.254.0.1 443/TCP 3h18m kube-system dashboard-metrics-scraper ClusterIP 10.254.190.192 8000/TCP 3h18m kube-system kube-dns ClusterIP 10.254.0.10 53/UDP,53/TCP,9153/TCP 3h18m kube-system kubernetes-dashboard ClusterIP 10.254.169.196 443/TCP 3h18m kube-system metrics-server ClusterIP 10.254.232.10 443/TCP 3h18m # Kubernetes Operational View Service 중지 $ kubectl delete -k . serviceaccount "kube-ops-view" deleted clusterrole.rbac.authorization.k8s.io "kube-ops-view" deleted clusterrolebinding.rbac.authorization.k8s.io "kube-ops-view" deleted service "kube-ops-view-redis" deleted service "kube-ops-view" deleted deployment.apps "kube-ops-view-redis" deleted deployment.apps "kube-ops-view" deleted ``` {% endcode %} ### 2.2 Kubernetes Operational View 실행 화면 #### 2.2.1 실행 화면 ![](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb4Wqwrr7LV9oYUW9_9%2F-Mb4XFYuG4GBvH_zkPID%2Fimage.png?alt=media\&token=0f89b734-2891-4676-ab4e-aba30f1d27a4) #### 2.2.2 Pod Mouse Point over ![](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb4Wqwrr7LV9oYUW9_9%2F-Mb4XXyb1S0nbjVWowqi%2Fimage.png?alt=media\&token=55db9828-5c2b-4792-8be6-06ffac3fd4c0) #### 2.2.3 화면 크게 하기 > \*\*\_ 로 화면 크기를 늘림. ![](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-Mb4Wqwrr7LV9oYUW9_9%2F-Mb4Y9GkJFvxluRO_1ng%2Fimage.png?alt=media\&token=57b087ed-dcea-4cf5-80f7-14ca9b85e2a1) ### 2.3 Development & Building #### 2.3.1 Development > The app can be started in "mock mode" to work on UI features without running any Kubernetes cluster: > > ``` > $ pipenv install && pipenv shell > $ (cd app && npm start &) # watch and compile JS bundle > $ python3 -m kube_ops_view --mock --debug > ``` #### 2.3.2 Building > The provided `Makefile` will generate a Docker image by default: > > ``` > $ make > ``` ### 2.4 Multiple Clusters > Multiple clusters are supported by passing a list of API servers, reading a kubeconfig file or pointing to an HTTP Cluster Registry endpoint. > > See the [documentation on multiple clusters](https://kubernetes-operational-view.readthedocs.io/en/latest/multiple-clusters.html) for details. ### 2.5 Configuration > The following environment variables are supported:`AUTHORIZE_URL` > > Optional OAuth 2 authorization endpoint URL for protecting the UI.`ACCESS_TOKEN_URL` > > Optional token endpoint URL for the OAuth 2 Authorization Code Grant flow.`SCOPE` > > Optional scope specifies level of access that the application is requesting.`CLUSTERS` > > Comma separated list of Kubernetes API server URLs. It defaults to `http://localhost:8001/` (default endpoint of `kubectl proxy`).`CLUSTER_REGISTRY_URL` > > URL to cluster registry returning list of Kubernetes clusters.`CREDENTIALS_DIR` > > Directory to read (OAuth) credentials from --- these credentials are only used for non-localhost cluster URLs.`DEBUG` > > Set to "true" for local development to reload code changes.`KUBECONFIG_PATH` > > Path to kubeconfig file to use for cluster access.`KUBECONFIG_CONTEXTS` > > Comma separated list of contexts to use when reading the kubeconfig file from `KUBECONFIG_PATH`.`MOCK` > > Set to "true" to mock Kubernetes cluster data.`QUERY_INTERVAL` > > Interval in seconds for querying clusters (default: 5). Each cluster will at most queried once per configured interval.`REDIS_URL` > > Optional Redis server to use for pub/sub events and job locking when running more than one replica. Example: `redis://my-redis:6379SERVER_PORT` > > HTTP port to listen on. It defaults to `8080`.`NODE_LINK_URL_TEMPLATE` > > Template to make Nodes clickable, e.g. can point to [kube-web-view](https://codeberg.org/hjacobs/kube-web-view/). `{cluster}` (cluster ID) and `{name}` (Node name) will be replaced in the URL template.`POD_LINK_URL_TEMPLATE` > > Template to make Pods clickable, e.g. can point to [kube-web-view](https://codeberg.org/hjacobs/kube-web-view/). `{cluster}` (cluster ID), `{namespace}` (Pod's namespace), and `{name}` (Pod name) will be replaced in the URL template.`ROUTE_PREFIX` > > The URL prefix under which kube-ops-view is externally reachable (for example, if kube-ops-view is served via a reverse proxy). Used for generating relative and absolute links back to kube-ops-view itself. If the URL has a path portion, it will be used to prefix all HTTP endpoints served by kube-ops-view. If omitted, relevant URL components will be derived automatically. ### 2.6 Supported Browsers > The UI uses WebGL, ECMAScript 6, and EventSource features. The following browsers are known to work: > > * Chrome/Chromium 53.0+ > * Mozilla Firefox 49.0+ > > See the [ECMAScript 6 Compatibility Table](https://kangax.github.io/compat-table/es6/) for details on supported browser versions. ### 2.7 License > This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. > > This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. > > You should have received a copy of the GNU General Public License along with this program. If not, see . ### 2.8 출처 : ## 3. NHN Kubernetes Service(NKS) DashBoard > NHN Kubernetes Service(NKS) 는 기본 웹 UI 대시보드(dashboard)를 제공합니다. Kubernetes 대시보드에 대한 자세한 내용은 [웹 UI (대시보드)](https://kubernetes.io/ko/docs/tasks/access-application-cluster/web-ui-dashboard/) 문서를 참고하세요. ### 3.1 NHN Kubernetes Service(NKS) DashBoard Install > Manager 서버에서 아래의 쉘(nhn\_cloud\_dash.sh) 파일을 이용하여 실행 하면 대시보드에 접속이 가능합니다. {% code title="nhn\_cloud\_dash.sh" %} ```bash #/bin/bash kubectl get svc kubernetes-dashboard -n kube-system kubectl -n kube-system patch svc/kubernetes-dashboard -p '{"spec":{"type":"LoadBalancer"}}' kubectl get svc -n kube-system kubectl --kubeconfig=$KUBE_CONFIG -n kube-system describe secret $(kubectl --kubeconfig=$KUBE_CONFIG -n kube-system get secret | awk '/^kubernetes-dashboard-token/{print $1}') | awk '$1=="token:"{print $2}' ``` {% endcode %} {% file src="" %} {% code title="nhn\_cloud\_dash.sh" %} ```bash # nhn_cloud_dash.sh 실행 권한 부여 ubuntu@kube-manager:~$ chmod +x nhn_cloud_dash.sh # nhn_cloud_dash.sh 파일 실행 ubuntu@kube-manager:~$ ./nhn_cloud_dash.sh NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes-dashboard LoadBalancer 10.254.34.9 133.186.144.217 443:30826/TCP 4h10m service/kubernetes-dashboard patched # kube-system namespace 서비스 목록 확인 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dashboard-metrics-scraper ClusterIP 10.254.201.131 8000/TCP 4h10m kube-dns ClusterIP 10.254.0.10 53/UDP,53/TCP,9153/TCP 4h10m kubernetes-dashboard LoadBalancer 10.254.34.9 133.186.144.217 443:30826/TCP 4h10m metrics-server ClusterIP 10.254.103.255 443/TCP 4h10m # 대시 보드 토큰 값(로그인 토큰) eyJhbGciOiJSUzI1NiIsImtpZCI6IkhPSzNnRnVibWpkOHRUXzdKVUxHZDJNV3V1Z0VHRksybnJrOWhScDVaOGcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1icmJmaCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjVjYzIzZGU2LWM4NzUtNDZmNS1iYTViLTY3OGVjOTQyODE5OSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVz5-xEtugE6I5SEwoI7zhFDqYw_PJNoKhxTXXjt4DjhCumyBdPsxSHgwyeeQEqQ1KimIOQ4wSsiB1APyf8dflRF9k0I7snTBxHlDpEs9mVlhZDacV52yDBgAcomP5QwQn8ZUSuZqF-ptjuz-CXHB8IPwRLs32Qqnbf7ZB4DTU7fBc_NzCgnx_2t3bJQhNdDH89U6HxdgKsplqEQT1q0hZFNszpdtJUGF2jiXyoYLxKvZqO4ALJi_-03yziIZE4VG7IHHN81-Uf4ovGOK9dFxg28rDgDWTztZ8gcFZgDJi0c6IeyjQCE1ZZFJ81Wu8QFzmlQj_g ``` {% endcode %} ### 3.2 NHN Kubernetes Service(NKS) DashBoard 접속 확인 > 크롬을 이용하여 으로 접속 `접속아이피는 설정에 따라 변함` > > 접속 할 때 토큰 정보를 입력 하여 로그인 ![그림. Kubernetes 대시 보드 접속 확인](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-MZAr9ubb-0zceYxIK5r%2F-MZArEBFkQ3yBcdc1ZPt%2Fimage.png?alt=media\&token=9c4b49e6-dcb0-487e-86d9-036ac6dc4b07) > 정상적으로 로그인 후 다양한 정보를 확인 할 수 있습니다. ![그림. Kubenetes 의 다양한 정보 확인 ](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-MZAt8TVS36fQ2WWTWWG%2F-MZAupdhgJE9lUnLsQrt%2Fimage.png?alt=media\&token=c1c12713-4a52-4ee4-856b-cf61f2e91169) ### 3.3 출처 : ## 4. WeaveScope > Weave Scope automatically generates a map of your application, enabling you to intuitively understand, monitor, and control your containerized, microservices-based application. > > **Ensure your computer is behind a firewall that blocks.** > > #### Understand your Docker containers in real time > > [![Map you architecture](https://github.com/weaveworks/scope/raw/master/imgs/topology.png)](https://github.com/weaveworks/scope/blob/master/imgs/topology.png) > > Choose an overview of your container infrastructure, or focus on a specific microservice. Easily identify and correct issues to ensure the stability and performance of your containerized applications. > > #### Contextual details and deep linking > > [![Focus on a single container](https://github.com/weaveworks/scope/raw/master/imgs/selected.png)](https://github.com/weaveworks/scope/blob/master/imgs/selected.png) > > View contextual metrics, tags, and metadata for your containers. Effortlessly navigate between processes inside your container to hosts your containers run on, arranged in expandable, sortable tables. Easily find the container using the most CPU or memory for a given host or service. > > #### Interact with and manage containers > > [![Launch a command line.](https://github.com/weaveworks/scope/raw/master/imgs/terminals.png)](https://github.com/weaveworks/scope/blob/master/imgs/terminals.png) > > Interact with your containers directly: pause, restart, and stop containers. Launch a command line. All without leaving the scope browser window. > > #### Extend and customize via plugins > > Add custom details or interactions for your hosts, containers, and/or processes by creating Scope plugins. Or, just choose from some that others have already written at the GitHub [Weaveworks Scope Plugins](https://github.com/weaveworks-plugins/) organization. ### 4.1 WeaveScope Install > Manager 서버에서 쉘(nhn\_cloud\_weavescope.sh) 파일을 이용하여 실행 하면 Weavescope 의 웹 페이지에 접속이 가능합니다. {% code title="nhn\_cloud\_weavescope.sh" %} ```bash #/bin/bash kubectl get pod --all-namespaces kubectl get services --all-namespaces kubectl apply -f 'https://cloud.weave.works/launch/k8s/weavescope.yaml' kubectl -n weave patch svc/weave-scope-app -p '{"spec":{"type":"LoadBalancer"}}' kubectl get services --all-namespaces ``` {% endcode %} {% file src="" %} {% code title="nhn\_cloud\_weavescope.sh" %} ```bash # nhn_cloud_weavescope.sh 실행 권한 부여 ubuntu@kube-manager:~$ chmod +x nhn_cloud_weavescope.sh # nhn_cloud_weavescope.sh 실행 ubuntu@kube-manager:~$ ./nhn_cloud_weavescope.sh # 전체 namespace Pod 목록 확인 NAMESPACE NAME READY STATUS RESTARTS AGE default echo-799bdfb445-jnkqb 1/1 Running 0 127m kube-system cluster-autoscaler-default-worker-796888b878-c22v7 1/1 Running 0 4h27m kube-system coredns-69785fddb8-rqmm8 1/1 Running 0 4h28m kube-system coredns-69785fddb8-xtfkt 1/1 Running 0 4h28m kube-system dashboard-metrics-scraper-c79c65bb7-qpplj 1/1 Running 0 4h28m kube-system kube-dns-autoscaler-5bfb4969c6-qwx6d 1/1 Running 0 4h28m kube-system kube-flannel-ds-amd64-2t9h2 1/1 Running 0 4h24m kube-system kubernetes-dashboard-7fccd7c66d-dzxwp 1/1 Running 0 4h28m kube-system metrics-server-7bcdd8974c-hn4h8 1/1 Running 0 4h28m kube-system npd-7hzrv 1/1 Running 0 4h23m # 전체 namespace 서비스 목록 확인 NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kubernetes ClusterIP 10.254.0.1 443/TCP 4h28m kube-system dashboard-metrics-scraper ClusterIP 10.254.201.131 8000/TCP 4h28m kube-system kube-dns ClusterIP 10.254.0.10 53/UDP,53/TCP,9153/TCP 4h28m kube-system kubernetes-dashboard LoadBalancer 10.254.34.9 133.186.144.217 443:30826/TCP 4h28m kube-system metrics-server ClusterIP 10.254.103.255 443/TCP 4h28m # weavescope 서비스 실행 namespace/weave created serviceaccount/weave-scope created clusterrole.rbac.authorization.k8s.io/weave-scope configured clusterrolebinding.rbac.authorization.k8s.io/weave-scope configured deployment.apps/weave-scope-app created service/weave-scope-app created deployment.apps/weave-scope-cluster-agent created daemonset.apps/weave-scope-agent created # type 을 LoadBalancer 로 변경 service/weave-scope-app patched # EXTERNAL-IP 에서 공인 IP 획득 NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kubernetes ClusterIP 10.254.0.1 443/TCP 4h28m kube-system dashboard-metrics-scraper ClusterIP 10.254.201.131 8000/TCP 4h28m kube-system kube-dns ClusterIP 10.254.0.10 53/UDP,53/TCP,9153/TCP 4h28m kube-system kubernetes-dashboard LoadBalancer 10.254.34.9 133.186.144.217 443:30826/TCP 4h28m kube-system metrics-server ClusterIP 10.254.103.255 443/TCP 4h28m weave weave-scope-app LoadBalancer 10.254.226.22 133.186.159.43 80:32541/TCP 1s ``` {% endcode %} ### 4.2 WeaveScope 크롬 접속 확인 ![](https://674794822-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-MXjvaK4Gw77FbwOuHWJ%2F-MZBqNm7YL8_OkP63E0i%2F-MZBrM3--nDdFy9nTvYL%2Fimage.png?alt=media\&token=59cab579-6cf1-4717-8752-2c4f65256877) ### 4.3 License > Scope is licensed under the Apache License, Version 2.0. See [LICENSE](https://github.com/weaveworks/scope/blob/master/LICENSE) for the full license text.\ > Find more details about the licenses of vendored code in [VENDORED\_CODE.md](https://github.com/weaveworks/scope/blob/master/VENDORED_CODE.md). ### 4.4 출처 : , {% hint style="info" %} **2022년 NHN Cloud ****무료**** 교육일정** : {% endhint %} {% hint style="info" %} **NHN Cloud ****사용자 가이드** : {% endhint %} {% hint style="warning" %} **2022년 NHN Cloud ****행사/프로모션**** 정보 공유** : {% endhint %}