Troubleshooting Tools
最后更新于
最后更新于
The chapter mainly introduces the tools frequently used in troubleshooting in Kubernetes.
kubectl
: This is used to inspect the status of both Kubernetes clusters and containers, such as kubectl describe pod <pod-name>
.
journalctl
: This tool is used to peruse logs of Kubernetes components, using commands like journalctl -u kubelet -l
.
iptables
and ebtables
: These are used to troubleshoot whether a Service is working, such as with iptables -t nat -nL
, which checks if the iptables rules configured by kube-proxy are working properly.
tcpdump
: This is used to troubleshoot issues pertaining to container networks, using commands like tcpdump -nn host 10.240.0.8
.
perf
: A performance analysis tool that comes with the Linux kernel, this is often used to troubleshoot performance issues, such as the issue mentioned in .
To check the logs of system components like Kubelet, CNI, kernel, and so on, you need to first SSH into the Node. It is recommended to use the plugin instead of assigning a public IP address to every node.
sysdig is a troubleshooting tool for containers and comes in both open-source and commercial editions. For regular troubleshooting, the open-source version will suffice.
Aside from sysdig, two other auxiliary tools can be used:
csysdig: This is automatically installed with sysdig and offers a Command Line Interface (CLI).
Weave Scope is another container monitoring and troubleshooting tool that offers visualization. It does not come with the powerful CLI that sysdig offers, but it does have a simple-to-use interactive interface. It automatically outlines the topology of the entire cluster and its functionality can be expanded using plugins. According to its official site, the features provided by Weave Scope include:
The Probe collects information about the containers and hosts and sends it to the App.
The App processes this information, generates reports accordingly and presents them in the form of an interactive UI.
After installation is complete, you can use weave-scope-app to view the interactive UI:
Clicking on a Pod will permit you to see real-time statuses and metrics data for all the containers in the Pod:
There are two solutions for this problem:
Disable eBPF detection with --probe.ebpf.connections=false
.
Upgrade the kernel, for example, to 4.13.0.
: This provides a graphical interface (non-real time) for trace files saved by sysdig, such as with sudo sysdig -w filename.scap
.
For more samples and usage methods, check out the .
Weave Scope is made up of two parts - the - which carry out different tasks:
When activating --probe.ebpf.connections
on Ubuntu kernel 4.4.0 (it is activated by default), the Node might :