4.6. 在受限网络中使用远程健康报告
您可以手动收集和上传 Insights Operator 存档,以便从受限网络中诊断问题。 要在受限网络中使用 Insights Operator,您必须: 创建 Insights Operator 归档的副本。 将 Insights Operator 存档上传到 console.redhat.com 。 另外,您可以选择在上传前 模糊处理 Insights Operator 数据。
4.6.1. 运行 Insights Operator 收集操作
您必须运行收集操作来创建 Insights Operator 存档。
以
cluster-admin
用户身份登录 OpenShift Container Platform。
使用此模板创建名为
gather-job.yaml
的文件:
apiVersion: batch/v1 kind: Job metadata: name: insights-operator-job annotations: config.openshift.io/inject-proxy: insights-operator spec: backoffLimit: 6 ttlSecondsAfterFinished: 600 template: spec: restartPolicy: OnFailure serviceAccountName: operator nodeSelector: beta.kubernetes.io/os: linux node-role.kubernetes.io/master: "" tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master operator: Exists - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 900 - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 900 volumes: - name: snapshots emptyDir: {} - name: service-ca-bundle configMap: name: service-ca-bundle optional: true initContainers: - name: insights-operator image: quay.io/openshift/origin-insights-operator:latest terminationMessagePolicy: FallbackToLogsOnError volumeMounts: - name: snapshots mountPath: /var/lib/insights-operator - name: service-ca-bundle mountPath: /var/run/configmaps/service-ca-bundle readOnly: true ports: - containerPort: 8443 name: https resources: requests: cpu: 10m memory: 70Mi args: - gather - -v=4 - --config=/etc/insights-operator/server.yaml containers: - name: sleepy image: quay.io/openshift/origin-base:latest args: - /bin/sh - sleep 10m volumeMounts: [{name: snapshots, mountPath: /var/lib/insights-operator}]
复制
insights-operator
镜像版本:
$ oc get -n openshift-insights deployment insights-operator -o yaml
将您的镜像版本粘贴到
gather-job.yaml
中:
initContainers:
- name: insights-operator
image: <your_insights_operator_image_version>
terminationMessagePolicy: FallbackToLogsOnError
volumeMounts:
创建收集作业:
$ oc apply -n openshift-insights -f gather-job.yaml
查找作业 pod 的名称:
$ oc describe -n openshift-insights job/insights-operator-job
输出示例
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SuccessfulCreate 7m18s job-controller Created pod: insights-operator-job-<your_job>
其中
insights-operator-job-
<your_job>
是 pod 的名称。
验证操作是否已完成:
$ oc logs -n openshift-insights insights-operator-job-<your_job> insights-operator
输出示例
I0407 11:55:38.192084 1 diskrecorder.go:34] Wrote 108 records to disk in 33ms保存创建的归档:
$ oc cp openshift-insights/insights-operator-job-<your_job>:/var/lib/insights-operator ./insights-data
清理作业:
$ oc delete -n openshift-insights job insights-operator-job
4.6.2. 上传 Insights Operator 存档
您可以将 Insights Operator 存档手动上传到
console.redhat.com
,以诊断潜在的问题。
以
cluster-admin
用户身份登录 OpenShift Container Platform。
您有一个没有互联网访问限制的工作站。
您已创建了 Insights Operator 归档的副本。
下载
dockerconfig.json
文件:
$ oc extract secret/pull-secret -n openshift-config --to=.
复制来自
dockerconfig.json
文件的
"cloud.openshift.com"
"auth"
令牌:
"auths": {
"cloud.openshift.com": {
"auth": "
<your_token>
",
"email": "[email protected]"
将存档上传到
console.redhat.com
:
$ curl -v -H "User-Agent: insights-operator/one10time200gather184a34f6a168926d93c330 cluster/<cluster_id>" -H "Authorization: Bearer <your_token>" -F "upload=@<path_to_archive>; type=application/vnd.redhat.openshift.periodic+tar" https://console.redhat.com/api/ingress/v1/upload
其中
<cluster_id>
是集群 ID,
<your_token>
是来自 pull secret 的令牌,
<path_to_archive>
是 Insights Operator 归档的路径。
如果操作成功,该命令会返回
"request_id"
和
"account_number"
:
* Connection #0 to host console.redhat.com left intact {"request_id":"393a7cf1093e434ea8dd4ab3eb28884c","upload":{"account_number":"6274079"}}%登录到 https://console.redhat.com/openshift 。 点左侧面板中的 Cluster 菜单。 要显示集群详情,点集群名称。 打开集群的 Insights Advisor 选项卡。 如果上传成功,标签会显示以下之一: 如果 Insights Advisor 没有发现任何问题,代表 您的集群已通过了所有建议 。 Insights Advisor 检测到的问题列表,按风险级别排列(低、中、重要和严重)。