NHN Cloud
  • [NHN Cloud] NHN Cloud 교육 정보 공유
  • [NHN Recruitings] NHN 채용/취업/공고 사이트
  • [Naver Cloud Recruitings] nCloud 채용/취업/공고 사이트
  • [NHN Cloud] 행사/프로모션 정보 공유
  • [NHN Cloud] NHN Kubernetes Service(NKS) 활용법
  • [NHN Cloud] NHN Kubernetes Service(NKS) 관리용 OpenSource 설치 방법
  • TIPs. [NHN Cloud] NHN Kubernetes Service(NKS) 의 LoadBalancer 사용법
  • [NHN Cloud] NHN Kubernetes Service(NKS) 를 이용한 커뮤니티 블로그 구축 사례
  • [NHN Cloud] YouTube 사용자 가이드
  • [NHN Cloud] Dooray 사용자 가이드
  • NHN, AWS, Tencent, KT Cloud Calculator
  • [취업정보] 2022's Cloud Job Infomations
  • [NHN Cloud] 공식 블로그
  • [NHN Cloud] 공식 페이스북
  • [NHN Cloud] 공식 Youtube
  • [DataUs][NHN Cloud] 클라우드 입문자를 위한 보안 가이드
  • [KISA] 클라우드 취약점 점검 가이드
  • [KISA] 주요정보통신기반시설 기술적 취약점 분석ㆍ평가 방법 상세가이드
  • [KISA] NAS 보안 가이드라인
  • AI-NAS 오류코드 분석기
  • Docker 관리 UI Manager Tool
  • 빠른 개발을 위한 docker 활용법(5분 완성)
  • 시스템 별 도커(docker) 설치 방법
  • Docker Windows 컨테이너 실행 가이드
  • Lean Startup 을 위한 docker 사용법
  • Remote - Containers 를 사용한 Visual Studio Code 원격 개발 feat.Dockerfile
  • DockerFile 을 이용하여 나만의 Docker Image 만들기
  • DockerFile 을 이용하여 나만의 Docker Image [Tomcat+Jenkins] 만들기
  • Docker-Compose 를 이용하여 Yona 사용하기
  • Docker-Compse 를 이용하여 Rocket.Chat 사용하기
  • [DataUs] Open Data Quality - 공공데이터 품질 개선 도구 to GitHub
  • 베라크립트(VeraCrypt) 을 이용하여 암호화된 가상 디스크 만들기
  • 가비아 Apache SSL 보안인증서 to Tomcat SSL 보안인증서로 변경
  • NHN Cloud Guide Document
    • [NHN Cloud] 콘솔 보안 가이드
    • [NHN Cloud] 랜섬웨어 대응 가이드
    • [NHN Cloud] 컨테이너 보안 가이드
    • [NHN Cloud] 네트워크 보안 아키텍처
    • [NHN Cloud] 개인정보보호법 준수를 위한 개인정보 보호 조치
    • [NHN Cloud] 클라우드 보안 백서 신청 하기
  • Ransomware_Decryption_Tools
    • [KISA] 랜섬웨어 대응 가이드라인('23년 개정본)
    • [NoMoreRANSOM] 랜섬웨어 복구 프로그램 및 지원 사이트
    • [KISA] 랜섬웨어 복구도구 모음
  • 외부 링크
    • [외부 링크] 자료 모음 공유
    • [과학기술정보통신부][요약본] SW 공급망 보안 가이드라인
    • [KISA] 인터넷 브라우저를 더 안전하게!
    • 카카오엔터테인먼트 불법유통대응 3차백서
    • [KISA Insight 2023 Vol.03] ChatGPT(챗GPT) 보안 위협과 시사점
    • [이글루코퍼레이션/코스닥협회] Beginner를 위한 램섬웨어 예방 및 대응 가이드
    • [행정안전부·한국인터넷진흥원] 모바일 대민서비스 보안취약 점 점검 가이드
    • [SK쉴더스][보안 가이드] 2023 클라우드 보안 가이드 - AWS
    • [SK쉴더스][보안 가이드] 2023 클라우드 보안 가이드 - Azure
    • [SK쉴더스][보안 가이드] 2023 클라우드 보안 가이드 - GCP
    • [Microsoft-Ssecurity] 하이브리드 업무 환경을 위한 마이크로소프트의 보안 전략
    • [Microsoft-Ssecurity] 보안 담당자가 꼭 알아야 할 마이크로소프트 Zero Trust 전략편
    • [KISA] ISMS-P 인증기준 안내서(2023.11.23) [PDF]
    • [KISA] ISMS-P 인증기준 안내서 [PDF]
    • [KISA] ISMS-P 세부점검항목 공지(22.04.22) [xlsx]
    • [KISA] ISMS-P_인증제도_안내서(2021.7) [PDF]
    • [KISA] 정보보호_관리체계(ISMS)_인증제도_안내서(2017.04) [PDF]
    • [KISA] PIMS 인증제도 안내서(1권) - 제도운영편 [PDF]
    • [KISA] PIMS 인증제도 안내서(2권) - 인증기준편 [PDF]
    • [KISA] PIMS_인증기준_세부점검항목(2016.11.09) [xlsx]
    • [KT Cloud] KT Cloud 보안가이드
    • [과학기술정보통신부] 민간분야 주요정보통신기반시설 클라우드 이용 가이드라인
    • [nCloud] Naver Cloud Platform 보안가이드
    • [KT Cloud] KT Cloud 보안백서
    • [ADT캡스/Infosec] 클라우드보안가이드(컨테이너 보안)-Docker, Kubernetes
    • [ADT캡스/Infosec] 2021 클라우드 보안 가이드 GCP
    • [ADT캡스/Infosec] 2021 클라우드 보안 가이드 Azure
    • [ADT캡스/Infosec] 2021클라우드보안가이드 AWS
    • [KISA] 웹 에디터 보안 가이드
    • [NHN Cloud] NHN Cloud | On.1 2022 클라우드 트렌드
    • [NHN Cloud] NHN Cloud | On.2 Cloud by default, Cloud NATIVE by default
    • [NHN Cloud] NHN Cloud | On.3 Cloud, AI and Fashion
  • [KISA] 제로트러스트가이드라인
    • [KISA] 제로트러스트가이드
  • Naver Cloud Infomation
    • [nCloud] Ubuntu 20.04 불필요한 계정 삭제 방법
  • AWS References
    • AWS 아키텍처 센터
    • [PowerPoint용] AWS Icon
    • AWS Icons Asset Package
  • Best-Practices
    • 조직 및 운영 보안(OPS)
    • 시스템 보안 권장사항(SYSTEM)
    • 앱 보안 권장사항(APP)
    • 네트워크 보안 권장사항(NETWORK)
    • 하드웨어 보안 권장사항(HARDWARE)
    • 개인정보 보호/보안 권장사항(PRIVAY)
  • 기타정보
    • 피싱 사이트 확인 하는 방법
    • [KISA] 보이스피싱 대응 방법
    • 해킹 IP 공유
    • [KISA] 공동주택 홈네트워크 시스템 보안관리 안내서
    • [개인정보보호위원회] 가명정보 처리 가이드라인(2022.4.)
    • [개인정보보호위원회] 가명정보 활용 우수사례집
    • [금융감독원/DAXA] 가상자산 연계 투자사기 사례 7선
  • GitHub-Infomations
    • NHN-Github
    • Naver-Github
    • Kakao-Github
    • Samsung-Github
    • LG_Electronics-Github
    • SKTelecom-Github
    • FaceBook-Github
    • Google-Github
    • Microsoft-Github
    • Amazon-Github
  • Killing-Time
    • [클래스101] 23년 무료 취미테스트
    • 해커스잡 NCS&인적성 무료레벨테스트
    • 해커스토플 무료레벨테스트
    • 해커스중국어 무료레벨테스트
    • 탑툰-선생님의 노력[19금]
    • 탑툰-마니또[19금]
    • 탑툰-보스의 딸[19금]
    • 무툰 도시정벌9부
    • 탑툰 취화점
    • 무툰 열혈강호
    • 무툰 요쿠르트 아줌마[19금]
    • 탑툰-엄마야 누나야[19금]
    • 탑툰-내 맘대로 장모님[19금]
    • 탑툰-치킨클럽[19금]
    • 탑툰-여동생이랑 비밀 레슨[19금]
    • 탑툰-뺏는 남자[19금]
    • 무툰 최면으로 그녀들을 함락시키는 법[19금]
    • 무툰 그 남자의 공부법[19금]
    • 무툰 모비딕[19금]
    • 무툰 건물주 누나[19금]
    • 탑툰-나의 일러레님[19금]
    • 무툰 구멍가게 구멍열었습니다[19금]
    • 무툰 치한중독[19금]
  • TIPS
    • 소상공인지식배움터(Feat. 교보문고 무료 대여)
    • 노트북 AS 기간 확인 하기
    • AI Support Tools
    • AI ChatGPT Prompt Study
  • BOOKS
    • [쿠팡] [영진닷컴]그림으로 배우는 클라우드 2nd Edition
    • [쿠팡]그림으로 배우는 클라우드 인프라와 API의 구조
    • [쿠팡] 한눈에 보는 실전 클라우드 프로젝트:클라우드 기본과 프로세스 아키텍처 설계와 구현 보안 데브옵스까지 실증
    • [쿠팡] 아마존 웹 서비스 AWS Discovery Book:클라우드 서비스 개념을 이해하고 직접 구성해보기
    • [쿠팡] 클라우드 환경에서의 데브옵스 보안:안전한 클라우드 서비스를 위한 보안 기법과 데브옵스 실천법
    • [쿠팡] 쿠버네티스 쿡북:클라우드 네이티브 애플리케이션 구축
    • [쿠팡] 클라우드 엔지니어를 위한 97가지 조언 : 클라우드 엔지니어 86명의 통찰과 지식을 담은 현실적인 이야기
    • [쿠팡] 멀티 클라우드로의 전환:알맞은 멀티 클라우드 솔루션 찾아보기
    • [쿠팡] 클라우드 AWS 자격증으로 시작하기
  • Hobby
    • [Youtube] succulent
      • [Youtube] 다육이 키우는 중. #6
      • [Youtube] 다육이 키우는 중. #5
      • [Youtube] 다육이 키우는 중. #4
      • [Youtube] 다육이 키우는 중. #3
      • [Youtube] 다육이 키우는 중. #2
      • [Youtube] 다육이 키우는 중. #1
  • 심심할때 보는 기사
    • Enjoy News
  • TEST-1 Page
  • TEST Page
  • World_ip_addr
    • 2024 Year IP Addr List
    • 2023 Year IP Addr List
  • Startup Infomation
    • Startup 정보 공유
  • Security Collections
Powered by GitBook
On this page
  • 1. Kubebox
  • 1.1 Kubebox Features
  • 1.2 Kubebox Terminal Console Install
  • 1.3 Kubebox Web Console Install
  • 1.4 Kubebox Development
  • 1.5 Kubebox Hotkeys
  • 1.6 Authentication
  • 1.7 cAdvisor
  • 1.8 FAQ
  • 1.9 출처 : https://github.com/astefanutti/kubebox
  • 2. Kubernetes Operational View
  • 2.1 Kubernetes Operational View Install
  • 2.2 Kubernetes Operational View 실행 화면
  • 2.3 Development & Building
  • 2.4 Multiple Clusters
  • 2.5 Configuration
  • 2.6 Supported Browsers
  • 2.7 License
  • 2.8 출처 : https://codeberg.org/hjacobs/kube-ops-view
  • 3. NHN Kubernetes Service(NKS) DashBoard
  • 3.1 NHN Kubernetes Service(NKS) DashBoard Install
  • 3.2 NHN Kubernetes Service(NKS) DashBoard 접속 확인
  • 3.3 출처 : https://docs.toast.com/ko/Container/Kubernetes/ko/user-guide/
  • 4. WeaveScope
  • 4.1 WeaveScope Install
  • 4.2 WeaveScope 크롬 접속 확인
  • 4.3 License
  • 4.4 출처 : https://www.weave.works/oss/scope/ , https://github.com/weaveworks/scope

Was this helpful?

[NHN Cloud] NHN Kubernetes Service(NKS) 관리용 OpenSource 설치 방법

[DataUs] NHN Kubernetes Service(NKS) 관리용 OpenSource 설치 방법

Last updated 3 years ago

Was this helpful?

2022년 NHN Cloud 무료 교육일정 :

NHN Cloud 사용자 가이드 :

2022년 NHN Cloud 행사/프로모션 정보 공유 :

1. Kubebox

Kubernetes 용 터미널 과 웹 콘솔을 제공하는 Kubebox 입니다.

1.1 Kubebox Features

  • ✓ Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube)

  • ✓ Switch contexts interactively

  • ✓ (bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digital Ocean)

  • ✓ Namespace selection and pods list watching

  • ✓ Container log scrolling / watching

  • ✓ Container resources usage (memory, CPU, network, file system charts) []

  • ✓ Container remote exec terminal

  • ✓ Cluster, namespace, pod events

  • ❏ Object configuration editor and CRUD operations

  • ❏ Cluster and nodes views / monitoring

1.2 Kubebox Terminal Console Install

1.2.1 Kubebox Install

원격 접속 후 터미널로 실행이 가능하며 이를 권장 함.

Ubuntu 20.04 에 Kubebox 설치 및 실행
# Kubebox 파일 다운로드 및 실행 권한 
$ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-linux && chmod +x kubebox
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   619  100   619    0     0   2292      0 --:--:-- --:--:-- --:--:--  2284
100 11.8M  100 11.8M    0     0  5401k      0  0:00:02  0:00:02 --:--:-- 10.1M

# /usr/local/bin 폴더로 이동
$ sudo mv kubebox /usr/local/bin/

# Resources(Memory/Cpu/Net/FS) 를 보기 위해 cadvisor.yaml 실행   
$ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml
namespace/cadvisor created
serviceaccount/cadvisor created
podsecuritypolicy.policy/cadvisor unchanged
clusterrole.rbac.authorization.k8s.io/cadvisor unchanged
clusterrolebinding.rbac.authorization.k8s.io/cadvisor unchanged
daemonset.apps/cadvisor created

# 실행  
$ kubebox

1.2.2 Kubebox Terminal Console 실행 화면

1.2.3 Kubebox Download & Executable

Download the Kubebox standalone executable for your OS:

# Linux (x86_64)
$ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-linux && chmod +x kubebox

# Linux (ARMv7)
$ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-linux-arm && chmod +x kubebox

# OSX
$ curl -Lo kubebox https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-macos && chmod +x kubebox

# Windows
$ curl -Lo kubebox.exe https://github.com/astefanutti/kubebox/releases/download/v0.9.0/kubebox-windows.exe

1.3 Kubebox Web Console Install

Kubebox Web Console 접속 할 때 비밀번호 없이 접속이 가능하며 이를 제한 하여야 함.

Kubebox Web Console 실행 방법 # 웹 콘솔 접속 시 ID/Pass 없으며 웹 쉘의 IP 접근 제한을 하여야 함.
# Kubebox pod 실행    
$ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/kubernetes.yaml                                                                                                                                   x/master/kubernetes.yaml
namespace/kubebox created
service/kubebox created
ingress.networking.k8s.io/kubebox created
deployment.apps/kubebox created
serviceaccount/kubebox created
clusterrolebinding.rbac.authorization.k8s.io/kubebox created
clusterrole.rbac.authorization.k8s.io/kubebox created

# Resources(Memory/Cpu/Net/FS) 를 보기 위해 cadvisor.yaml 실행  
$ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml
namespace/cadvisor created
serviceaccount/cadvisor created
podsecuritypolicy.policy/cadvisor unchanged
clusterrole.rbac.authorization.k8s.io/cadvisor unchanged
clusterrolebinding.rbac.authorization.k8s.io/cadvisor unchanged
daemonset.apps/cadvisor created

# Kubebox pod 정보 확인     
$ kubectl get pod --namespace kubebox -o wide
NAME                     READY   STATUS    RESTARTS   AGE    IP           NODE                                      NOMINATED NODE   READINESS GATES
kubebox-8c8b4b7b-wh4dv   1/1     Running   0          100s   10.100.2.5   kube-test-default-w-ely36nnk7fog-node-1   <none>           <none>

# Kubebox Service 확인     
$ kubectl get svc --all-namespaces
NAMESPACE     NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE
default       kubernetes                  ClusterIP   10.254.0.1       <none>        443/TCP                  33m
kube-system   dashboard-metrics-scraper   ClusterIP   10.254.190.192   <none>        8000/TCP                 33m
kube-system   kube-dns                    ClusterIP   10.254.0.10      <none>        53/UDP,53/TCP,9153/TCP   33m
kube-system   kubernetes-dashboard        ClusterIP   10.254.169.196   <none>        443/TCP                  33m
kube-system   metrics-server              ClusterIP   10.254.232.10    <none>        443/TCP                  33m
kubebox       kubebox                     ClusterIP   10.254.236.84    <none>        8080/TCP                 6m31s

# Kubebox LoadBalancer 등록    
$ kubectl -n kubebox  patch svc/kubebox  -p '{"spec":{"type":"LoadBalancer"}}'
service/kubebox patched

# Kubebox service 
$ kubectl get svc --all-namespaces
NAMESPACE     NAME                        TYPE           CLUSTER-IP       EXTERNAL-IP       PORT(S)                  AGE
default       kubernetes                  ClusterIP      10.254.0.1       <none>            443/TCP                  36m
kube-system   dashboard-metrics-scraper   ClusterIP      10.254.190.192   <none>            8000/TCP                 35m
kube-system   kube-dns                    ClusterIP      10.254.0.10      <none>            53/UDP,53/TCP,9153/TCP   35m
kube-system   kubernetes-dashboard        ClusterIP      10.254.169.196   <none>            443/TCP                  35m
kube-system   metrics-server              ClusterIP      10.254.232.10    <none>            443/TCP                  35m
kubebox       kubebox                     LoadBalancer   10.254.236.84    133.186.155.190   8080:30130/TCP           8m55s

# cadvisor namespace 삭제    
$ kubectl delete namespace cadvisor
namespace "cadvisor" deleted

# Kubebox namespace 삭제 
$ kubectl delete namespace kubebox
namespace "kubebox" deleted

1.3.1 Kubebox Web Console 실행 화면

1.4 Kubebox Development

$ git clone https://github.com/astefanutti/kubebox.git
$ cd kubebox
$ npm install
$ node index.js

1.5 Kubebox Hotkeys

Keybinding

Description

General

l, Ctrl+l

Login

n

Change current namespace

[Shift+]←, →

[Alt+]1, …​, 9

Navigate screens (use Shift or Alt inside exec terminal)

Tab, Shift+Tab

Change focus within the active screen

↑, ↓

Navigate list / form / log

PgUp, PgDn

Move one page up / down

Enter

Select item / submit form

Esc

Close modal window / cancel form

Ctrl+z

Close current screen

q, Ctrl+q

Login

←, →

Navigate Kube configurations

Pods

Enter

Select pod / cycle containers

r

Remote shell into container

m

Memory usage

c

CPU usage

t

Network usage

f

File system usage

e

Pod events

Shift+e

Namespace events

Ctrl+e

Cluster events

1.6 Authentication

We try to support the various authentication strategies supported by kubectl, in order to provide seamless integration with your local setup. Here are the different authentication strategies we support, depending on how you’re using Kubebox:

Executable

Docker

Online

OpenID Connect

✔️

✔️

Amazon EKS

✔️

Digital Ocean

✔️

Google Kubernetes Engine

✔️

If the mode you’re using isn’t supported, you can refresh the authentication token/certs manually and update your kubeconfig file accordingly.

1.7 cAdvisor

$ kubectl apply -f https://raw.github.com/astefanutti/kubebox/master/cadvisor.yaml

You can change the default --storage_duration and --housekeeping_interval options, added to the cAdvisor container arguments declared in the cadvisor.yaml file, to adjust the duration of the storage moving window (default to 5m0s), and the sampling period (default to 10s) respectively. You may also have to provide the path of your cluster container runtime socket, in case it’s not following the usual convention.

1.8 FAQ

  • Resources usage metrics are unavailable!

    • The metrics are retrieved from the REST API, of the cAdvisor pod running on the same node as the container for which the metrics are being requested. That REST API is accessed via the API server proxy, which requires proper RBAC permission, e.g.:

      # Permission to list the cAdvisor pods (selected using the `spec.nodeName` field selector)
      $ kubectl auth can-i list pods -n cadvisor
      yes
      # Permission to proxy the selected cAdvisor pod, to call its REST API
      $ kubectl auth can-i get pod --subresource proxy -n cadvisor
      yes

2. Kubernetes Operational View

Kubernetes Operational View?

Goal: provide a common operational picture for multiple Kubernetes clusters.

  • Render nodes and indicate their overall status ("Ready")

  • Show node capacity and resource usage (CPU, memory)

    • Render one "box" per CPU and fill up to sum of pod CPU requests/usage

    • Render vertical bar for total memory and fill up to sum of pod memory requests/usage

  • Render individual pods

    • Indicate pod status by border line color (green: ready/running, yellow: pending, red: error etc)

    • Show current CPU/memory usage (gathered from Heapster) by small vertical bars

    • System pods ("kube-system" namespace) will be grouped together at the bottom

  • Provide tooltip information for nodes and pods

  • Animate pod creation and termination

What it is not:

  • It's not a monitoring solution. Use your preferred monitoring system to alert on production issues.

  • It's not a operation management tool. Kubernetes Operational View does not allow interacting with the actual cluster.

2.1 Kubernetes Operational View Install

Kubernetes Operational View 다운로드 및 실행 방법
# Kubernetes Operational View 소스 파일 다운로드    
$ git clone https://codeberg.org/hjacobs/kube-ops-view.git
Cloning into 'kube-ops-view'...
remote: Enumerating objects: 1970, done.
remote: Counting objects: 100% (1970/1970), done.
remote: Compressing objects: 100% (766/766), done.
remote: Total 1970 (delta 1340), reused 1702 (delta 1162), pack-reused 0
Receiving objects: 100% (1970/1970), 1.11 MiB | 825.00 KiB/s, done.
Resolving deltas: 100% (1340/1340), done.

# 소스 파일 다운로드 
$ ls
kube-ops-view

# deploy 폴더에 yaml 파일 확인    
$ cd kube-ops-view/deploy/
$ ls
deployment.yaml  kustomization.yaml  rbac.yaml  redis-deployment.yaml  redis-service.yaml  service.yaml

# service.yaml 파일에 LoadBalancer IP 할당   
$ vi service.yaml
type: ClusterIP  ==> type: LoadBalancer

# Kubernetes Operational View Service 실행    
$ kubectl apply -k .
serviceaccount/kube-ops-view created
clusterrole.rbac.authorization.k8s.io/kube-ops-view created
clusterrolebinding.rbac.authorization.k8s.io/kube-ops-view created
service/kube-ops-view-redis created
service/kube-ops-view created
deployment.apps/kube-ops-view-redis created
deployment.apps/kube-ops-view created

# Kubernetes Operational View Service 실행 확인         
$ kubectl get svc --all-namespaces
NAMESPACE     NAME                        TYPE           CLUSTER-IP       EXTERNAL-IP      PORT(S)                  AGE
default       kube-ops-view               LoadBalancer   10.254.81.99     133.186.244.48   80:31174/TCP             75s
default       kube-ops-view-redis         ClusterIP      10.254.60.234    <none>           6379/TCP                 109s
default       kubernetes                  ClusterIP      10.254.0.1       <none>           443/TCP                  3h18m
kube-system   dashboard-metrics-scraper   ClusterIP      10.254.190.192   <none>           8000/TCP                 3h18m
kube-system   kube-dns                    ClusterIP      10.254.0.10      <none>           53/UDP,53/TCP,9153/TCP   3h18m
kube-system   kubernetes-dashboard        ClusterIP      10.254.169.196   <none>           443/TCP                  3h18m
kube-system   metrics-server              ClusterIP      10.254.232.10    <none>           443/TCP                  3h18m

# Kubernetes Operational View Service 중지         
$ kubectl delete -k .
serviceaccount "kube-ops-view" deleted
clusterrole.rbac.authorization.k8s.io "kube-ops-view" deleted
clusterrolebinding.rbac.authorization.k8s.io "kube-ops-view" deleted
service "kube-ops-view-redis" deleted
service "kube-ops-view" deleted
deployment.apps "kube-ops-view-redis" deleted
deployment.apps "kube-ops-view" deleted

2.2 Kubernetes Operational View 실행 화면

2.2.1 실행 화면

2.2.2 Pod Mouse Point over

2.2.3 화면 크게 하기

http://ServiceIP/#scale=2.0 로 화면 크기를 늘림.

2.3 Development & Building

2.3.1 Development

The app can be started in "mock mode" to work on UI features without running any Kubernetes cluster:

$ pipenv install && pipenv shell
$ (cd app && npm start &)  # watch and compile JS bundle
$ python3 -m kube_ops_view --mock --debug

2.3.2 Building

The provided Makefile will generate a Docker image by default:

$ make

2.4 Multiple Clusters

Multiple clusters are supported by passing a list of API servers, reading a kubeconfig file or pointing to an HTTP Cluster Registry endpoint.

2.5 Configuration

The following environment variables are supported:AUTHORIZE_URL

Optional OAuth 2 authorization endpoint URL for protecting the UI.ACCESS_TOKEN_URL

Optional token endpoint URL for the OAuth 2 Authorization Code Grant flow.SCOPE

Optional scope specifies level of access that the application is requesting.CLUSTERS

Comma separated list of Kubernetes API server URLs. It defaults to http://localhost:8001/ (default endpoint of kubectl proxy).CLUSTER_REGISTRY_URL

URL to cluster registry returning list of Kubernetes clusters.CREDENTIALS_DIR

Directory to read (OAuth) credentials from --- these credentials are only used for non-localhost cluster URLs.DEBUG

Set to "true" for local development to reload code changes.KUBECONFIG_PATH

Path to kubeconfig file to use for cluster access.KUBECONFIG_CONTEXTS

Comma separated list of contexts to use when reading the kubeconfig file from KUBECONFIG_PATH.MOCK

Set to "true" to mock Kubernetes cluster data.QUERY_INTERVAL

Interval in seconds for querying clusters (default: 5). Each cluster will at most queried once per configured interval.REDIS_URL

Optional Redis server to use for pub/sub events and job locking when running more than one replica. Example: redis://my-redis:6379SERVER_PORT

HTTP port to listen on. It defaults to 8080.NODE_LINK_URL_TEMPLATE

The URL prefix under which kube-ops-view is externally reachable (for example, if kube-ops-view is served via a reverse proxy). Used for generating relative and absolute links back to kube-ops-view itself. If the URL has a path portion, it will be used to prefix all HTTP endpoints served by kube-ops-view. If omitted, relevant URL components will be derived automatically.

2.6 Supported Browsers

The UI uses WebGL, ECMAScript 6, and EventSource features. The following browsers are known to work:

  • Chrome/Chromium 53.0+

  • Mozilla Firefox 49.0+

2.7 License

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

3. NHN Kubernetes Service(NKS) DashBoard

3.1 NHN Kubernetes Service(NKS) DashBoard Install

Manager 서버에서 아래의 쉘(nhn_cloud_dash.sh) 파일을 이용하여 실행 하면 대시보드에 접속이 가능합니다.

nhn_cloud_dash.sh
#/bin/bash

kubectl get svc kubernetes-dashboard -n kube-system
kubectl -n kube-system patch svc/kubernetes-dashboard -p '{"spec":{"type":"LoadBalancer"}}'
kubectl get svc -n kube-system
kubectl --kubeconfig=$KUBE_CONFIG -n kube-system describe secret $(kubectl --kubeconfig=$KUBE_CONFIG -n kube-system get secret | awk '/^kubernetes-dashboard-token/{print $1}') | awk '$1=="token:"{print $2}'
nhn_cloud_dash.sh
# nhn_cloud_dash.sh 실행 권한 부여    
ubuntu@kube-manager:~$ chmod +x nhn_cloud_dash.sh

# nhn_cloud_dash.sh 파일 실행     
ubuntu@kube-manager:~$ ./nhn_cloud_dash.sh
NAME                   TYPE           CLUSTER-IP    EXTERNAL-IP       PORT(S)         AGE
kubernetes-dashboard   LoadBalancer   10.254.34.9   133.186.144.217   443:30826/TCP   4h10m
service/kubernetes-dashboard patched

# kube-system namespace 서비스 목록 확인
NAME                        TYPE           CLUSTER-IP       EXTERNAL-IP       PORT(S)                  AGE
dashboard-metrics-scraper   ClusterIP      10.254.201.131   <none>            8000/TCP                 4h10m
kube-dns                    ClusterIP      10.254.0.10      <none>            53/UDP,53/TCP,9153/TCP   4h10m
kubernetes-dashboard        LoadBalancer   10.254.34.9      133.186.144.217   443:30826/TCP            4h10m
metrics-server              ClusterIP      10.254.103.255   <none>            443/TCP                  4h10m

# 대시 보드 토큰 값(로그인 토큰)      
eyJhbGciOiJSUzI1NiIsImtpZCI6IkhPSzNnRnVibWpkOHRUXzdKVUxHZDJNV3V1Z0VHRksybnJrOWhScDVaOGcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1icmJmaCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjVjYzIzZGU2LWM4NzUtNDZmNS1iYTViLTY3OGVjOTQyODE5OSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVz5-xEtugE6I5SEwoI7zhFDqYw_PJNoKhxTXXjt4DjhCumyBdPsxSHgwyeeQEqQ1KimIOQ4wSsiB1APyf8dflRF9k0I7snTBxHlDpEs9mVlhZDacV52yDBgAcomP5QwQn8ZUSuZqF-ptjuz-CXHB8IPwRLs32Qqnbf7ZB4DTU7fBc_NzCgnx_2t3bJQhNdDH89U6HxdgKsplqEQT1q0hZFNszpdtJUGF2jiXyoYLxKvZqO4ALJi_-03yziIZE4VG7IHHN81-Uf4ovGOK9dFxg28rDgDWTztZ8gcFZgDJi0c6IeyjQCE1ZZFJ81Wu8QFzmlQj_g

3.2 NHN Kubernetes Service(NKS) DashBoard 접속 확인

크롬을 이용하여 https://133.186.219.13 으로 접속 접속아이피는 설정에 따라 변함

접속 할 때 토큰 정보를 입력 하여 로그인

정상적으로 로그인 후 다양한 정보를 확인 할 수 있습니다.

4. WeaveScope

Weave Scope automatically generates a map of your application, enabling you to intuitively understand, monitor, and control your containerized, microservices-based application.

Ensure your computer is behind a firewall that blocks.

Understand your Docker containers in real time

Choose an overview of your container infrastructure, or focus on a specific microservice. Easily identify and correct issues to ensure the stability and performance of your containerized applications.

Contextual details and deep linking

View contextual metrics, tags, and metadata for your containers. Effortlessly navigate between processes inside your container to hosts your containers run on, arranged in expandable, sortable tables. Easily find the container using the most CPU or memory for a given host or service.

Interact with and manage containers

Interact with your containers directly: pause, restart, and stop containers. Launch a command line. All without leaving the scope browser window.

Extend and customize via plugins

4.1 WeaveScope Install

Manager 서버에서 쉘(nhn_cloud_weavescope.sh) 파일을 이용하여 실행 하면 Weavescope 의 웹 페이지에 접속이 가능합니다.

nhn_cloud_weavescope.sh
#/bin/bash

kubectl get pod --all-namespaces
kubectl get services --all-namespaces
kubectl apply -f 'https://cloud.weave.works/launch/k8s/weavescope.yaml'
kubectl -n weave patch svc/weave-scope-app -p '{"spec":{"type":"LoadBalancer"}}'
kubectl get services --all-namespaces
nhn_cloud_weavescope.sh
# nhn_cloud_weavescope.sh 실행 권한 부여    
ubuntu@kube-manager:~$ chmod +x nhn_cloud_weavescope.sh

# nhn_cloud_weavescope.sh 실행     
ubuntu@kube-manager:~$ ./nhn_cloud_weavescope.sh

# 전체 namespace Pod 목록 확인     
NAMESPACE     NAME                                                 READY   STATUS    RESTARTS   AGE
default       echo-799bdfb445-jnkqb                                1/1     Running   0          127m
kube-system   cluster-autoscaler-default-worker-796888b878-c22v7   1/1     Running   0          4h27m
kube-system   coredns-69785fddb8-rqmm8                             1/1     Running   0          4h28m
kube-system   coredns-69785fddb8-xtfkt                             1/1     Running   0          4h28m
kube-system   dashboard-metrics-scraper-c79c65bb7-qpplj            1/1     Running   0          4h28m
kube-system   kube-dns-autoscaler-5bfb4969c6-qwx6d                 1/1     Running   0          4h28m
kube-system   kube-flannel-ds-amd64-2t9h2                          1/1     Running   0          4h24m
kube-system   kubernetes-dashboard-7fccd7c66d-dzxwp                1/1     Running   0          4h28m
kube-system   metrics-server-7bcdd8974c-hn4h8                      1/1     Running   0          4h28m
kube-system   npd-7hzrv                                            1/1     Running   0          4h23m

# 전체 namespace 서비스 목록 확인     
NAMESPACE     NAME                        TYPE           CLUSTER-IP       EXTERNAL-IP       PORT(S)                  AGE
default       kubernetes                  ClusterIP      10.254.0.1       <none>            443/TCP                  4h28m
kube-system   dashboard-metrics-scraper   ClusterIP      10.254.201.131   <none>            8000/TCP                 4h28m
kube-system   kube-dns                    ClusterIP      10.254.0.10      <none>            53/UDP,53/TCP,9153/TCP   4h28m
kube-system   kubernetes-dashboard        LoadBalancer   10.254.34.9      133.186.144.217   443:30826/TCP            4h28m
kube-system   metrics-server              ClusterIP      10.254.103.255   <none>            443/TCP                  4h28m

# weavescope 서비스 실행    
namespace/weave created
serviceaccount/weave-scope created
clusterrole.rbac.authorization.k8s.io/weave-scope configured
clusterrolebinding.rbac.authorization.k8s.io/weave-scope configured
deployment.apps/weave-scope-app created
service/weave-scope-app created
deployment.apps/weave-scope-cluster-agent created
daemonset.apps/weave-scope-agent created

# type 을 LoadBalancer 로 변경     
service/weave-scope-app patched

# EXTERNAL-IP 에서 공인 IP 획득       
NAMESPACE     NAME                        TYPE           CLUSTER-IP       EXTERNAL-IP       PORT(S)                  AGE
default       kubernetes                  ClusterIP      10.254.0.1       <none>            443/TCP                  4h28m
kube-system   dashboard-metrics-scraper   ClusterIP      10.254.201.131   <none>            8000/TCP                 4h28m
kube-system   kube-dns                    ClusterIP      10.254.0.10      <none>            53/UDP,53/TCP,9153/TCP   4h28m
kube-system   kubernetes-dashboard        LoadBalancer   10.254.34.9      133.186.144.217   443:30826/TCP            4h28m
kube-system   metrics-server              ClusterIP      10.254.103.255   <none>            443/TCP                  4h28m
weave         weave-scope-app             LoadBalancer   10.254.226.22    133.186.159.43    80:32541/TCP             1s

4.2 WeaveScope 크롬 접속 확인

4.3 License

Exit []

✔️[]

Kubebox relies on to retrieve the resource usage metrics. Before version 0.8.0, Kubebox used to access the cAdvisor endpoints, that are embedded in the Kubelet. However, these endpoints are being deprecated, and will eventually be removed, as discussed in .

Starting version 0.8.0, Kubebox expects cAdvisor to be deployed as a . This can be achieved with:

It’s recommended to use the provided cadvisor.yaml file, that’s tested to work with Kubebox. However, the DaemonSet example, from the project, should also work just fine. Note that the cAdvisor containers must run with a privileged security context, so that they can access the container runtime on each node.

Starting version 0.8.0, Kubebox expects to be deployed as a DaemonSet. See the section for more details;

1.9 출처 :

It's not a replacement for the . The Kubernetes Dashboard is a general purpose UI which allows managing applications.

See the for details.

Template to make Nodes clickable, e.g. can point to . {cluster} (cluster ID) and {name} (Node name) will be replaced in the URL template.POD_LINK_URL_TEMPLATE

Template to make Pods clickable, e.g. can point to . {cluster} (cluster ID), {namespace} (Pod's namespace), and {name} (Pod name) will be replaced in the URL template.ROUTE_PREFIX

See the for details on supported browser versions.

You should have received a copy of the GNU General Public License along with this program. If not, see .

2.8 출처 :

NHN Kubernetes Service(NKS) 는 기본 웹 UI 대시보드(dashboard)를 제공합니다. Kubernetes 대시보드에 대한 자세한 내용은 문서를 참고하세요.

3.3 출처 :

Add custom details or interactions for your hosts, containers, and/or processes by creating Scope plugins. Or, just choose from some that others have already written at the GitHub organization.

Scope is licensed under the Apache License, Version 2.0. See for the full license text. Find more details about the licenses of vendored code in .

4.4 출처 : ,

2022년 NHN Cloud 무료 교육일정 :

NHN Cloud 사용자 가이드 :

2022년 NHN Cloud 행사/프로모션 정보 공유 :

https://doc.skill.or.kr/2022-NHN-Cloud-Education
https://doc.skill.or.kr/nhn-cloud-user-guide
https://doc.skill.or.kr/2022-NHN-Cloud-Event-Promotion
Authentication support
1
cAdvisor
kubernetes#68522
DaemonSet
cAdvisor
cAdvisor
cAdvisor
https://github.com/astefanutti/kubebox
Kubernetes Dashboard
documentation on multiple clusters
kube-web-view
kube-web-view
ECMAScript 6 Compatibility Table
http://www.gnu.org/licenses/
https://codeberg.org/hjacobs/kube-ops-view
웹 UI (대시보드)
https://docs.toast.com/ko/Container/Kubernetes/ko/user-guide/
Weaveworks Scope Plugins
LICENSE
VENDORED_CODE.md
https://www.weave.works/oss/scope/
https://github.com/weaveworks/scope
https://doc.skill.or.kr/2022-NHN-Cloud-Education
https://doc.skill.or.kr/nhn-cloud-user-guide
https://doc.skill.or.kr/2022-NHN-Cloud-Event-Promotion
3
2
398B
nhn_cloud_dash.sh
279B
nhn_cloud_weavescope.sh
그림. Kubebox Terminal Console 접속 화면
그림. Kubebox 접속 후 pod 로그 및 Resources 현황
그림. Kubebox 접속 후 pod 로 원격 쉘 접근 화면
그림. Kubebox 접속 후 Pod 의 Events Cluster 의 상세 로그 현황
그림. Kubebox Web Console 접속 화면
그림. Kubebox 접속 후 pod 로그 및 Resources 현황
그림. Kubebox 접속 후 pod 로 원격 쉘 접근 화면
그림. Kubebox 접속 후 Pod 의 Events Cluster 의 상세 로그 현황
그림. Kubernetes 대시 보드 접속 확인
그림. Kubenetes 의 다양한 정보 확인
Focus on a single container
Launch a command line.
Map you architecture