[k8s]k8s-web-terminal配置使用 & etcdui etcd browser配置 & etcdkeeper3配置
安装kube-dns后,我想看看他是怎么个配置,于是我就找到了这个参考:
https://github.com/beyondblog/k8s-web-terminal
https://images2017.cnblogs.com/blog/806469/201711/806469-20171123115105274-20738837.png
cat >> /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"hosts": [
"tcp://0.0.0.0:2375",
"unix:///var/run/docker.sock"
]
}
EOF
docker run \ --name k8s-web-terminal \
-d -p 8088:8088 \
-e K8S_API=http://KUBERNET_API_HOST:8080 \
beyondblog/k8s-web-terminal
缺点:
[*]不支持授权,类似rbac这种,所有人都能看到所有容器.
etcd browser配置-支持etcdv2
注:用火狐浏览器
https://images2017.cnblogs.com/blog/806469/201711/806469-20171123121057196-617527099.png
参考:
https://github.com/henszey/etcd-browser/tree/ff499a9e9e1e8e5936436c0d7672c504c90381b2
docker run --rm --name etcd-browser -p 0.0.0.0:8000:8000 --env ETCD_HOST=192.168.14.132 --env ETCD_PORT=2379 --env AUTH_PASS=doe -t -i buddho/etcd-browser
运行在后台: 注意端口注意etcdip
docker run --name etcd-browser -p 0.0.0.0:8000:8000 --env ETCD_HOST=192.168.2.11 --env ETCD_PORT=2379 --env AUTH_PASS=doe -itd buddho/etcd-browser
etcdkeeper3支持v2支持v3
注:v2存进去的东西v3看不到,在研究k8s时候,k8s默认v3存储的数据,我用etcdctl ls没看到,只看到了flanel.后来发现v3这玩意....
参考: https://github.com/evildecay/etcdkeeper/blob/master/Dockerfile
https://hub.docker.com/r/jim3ma/etcdkeeper3/
https://jimmysong.io/kubernetes-handbook/guide/using-etcdctl-to-access-kubernetes-data.html
https://images2017.cnblogs.com/blog/806469/201711/806469-20171123143544711-170787298.png
docker run -d -p 8080:8080 jim3ma/etcdkeeper3:latest
[*]需要在命令前加上ETCDCTL_API=3这个环境变量才能看到kuberentes在etcd中保存的数据。
ETCDCTL_API=3 etcdctl get /registry/namespaces/default -w=json|python -m json.tool
[*]使用--prefix可以看到所有的子目录,如查看集群中的namespace:
ETCDCTL_API=3 etcdctl get /registry/namespaces --prefix -w=json|python -m json.tool
[*]key的值是经过base64编码
$ echo L3JlZ2lzdHJ5L25hbWVzcGFjZXMvYXV0b21vZGVs|base64 -d
/registry/namespaces/automodel
使用shell从etcd获取namespace,结合etcdkeeper3看key.
参考:
https://jimmysong.io/kubernetes-handbook/guide/using-etcdctl-to-access-kubernetes-data.html
$ cat registry.sh
#!/bin/bash
set -ue
clear
registry=`ETCDCTL_API=3 etcdctl get /registry/namespaces --prefix -w=json|python -m json.tool|grep key|awk -F":" '{ print $2 }'|tr "," " "`
for i in $registry;do
echo $i|sed "s#\"##g"|base64 -d
echo
done
$ sh registry.sh
/registry/namespaces/default
/registry/namespaces/kube-public
/registry/namespaces/kube-system
key是base64转码的,value使用base64解码有问题.是乱码.
页:
[1]