All Products
Search
Document Center

Container Service for Kubernetes:View cluster information

最終更新日:Apr 23, 2024

You can view information about Container Service for Kubernetes (ACK) clusters on the cluster information page, including the basic cluster information, cluster inspection information, relevant cloud resources, and cluster resource monitoring data. This topic describes how to view cluster information and introduces the information displayed on each tab.

Procedure

  1. Log on to the ACK console. In the left-side navigation pane, click Clusters.

  2. On the Clusters page, click the name of the cluster that you want to manage and click Cluster Information in the left-side navigation pane.

  3. Click a tab to view the corresponding information.

    For more information, see Cluster information.

Cluster information

Tab

Description

Overview

Select a namespace to view the status of applications and components and view resource monitoring data in charts.

  • Application Status: This section displays charts that provide information about the status of Deployments, StatefulSets, and pods in the namespace. The green color indicates that applications are running as expected. The yellow color indicates that errors have occurred in applications.

  • Node Status: This section displays a chart that shows the status of the nodes in the cluster.

  • Cluster Risk Report: This section displays the potential risks that are detected during cluster scans and provides suggestions on how to mitigate the risks. You can click Configure Inspection Rules to configure the inspection interval and cycle.

  • Events: This section displays cluster events, such as warnings and errors.

  • Monitoring: This section displays the charts for CPU and memory utilization. The CPU utilization is measured in cores and is accurate to three decimal places. The smallest unit is millicores. A millicore is one-thousandth of a core. The memory utilization is measured in GiB and is accurate to three decimal places. For more information, see Meaning of CPU and Meaning of memory.

Security Overview

Click the Security Overview tab to view the cluster security inspection results, including node vulnerabilities, container image risks, and container runtime risks. This helps you learn the potential risks in application configurations.

An inspection report is generated after a security inspection is performed. The report includes the description of each inspection item and suggestions on how to fix the related security issues. You can also configure periodic inspections. The results of each periodic inspection are logged to the specified Logstore in Simple Log Service. For more information, see Use the inspection feature to detect security risks in the workloads of an ACK cluster.

Only ACK Pro clusters support this feature. To use this feature, submit a ticket to apply to be added to the whitelist.

Basic Information

  • Basic Information: displays the ID, region, and time zone of the cluster, the status of deletion protection, and the status of Secret encryption.

    You can use the CLI to query the time zones of the control plane and worker nodes.

    View steps

    To view the time zone of the control plane, connect to the cluster by using kubectl and run the following command:

    kubectl get configmap -n kube-system ack-cluster-profile -o yaml | grep timezone

    Expected output:

    timezone: Asia/Shanghai

    To view the time zone of a worker node, connect to the worker node by using SSH and run the following command:

    ls -l /etc/localtime

    Expected output:

    lrwxrwxrwx 1 root root 30 Sep 30 18:44 /etc/localtime -> /usr/share/zoneinfo/Asia/Shanghai
  • Cluster Information: displays information such as the endpoints of the API server, Service CIDR block, RRSA OIDC, kube-proxy mode, and custom certificate subject alternative names (SANs).

  • Cluster Maintenance: displays information about the cluster maintenance window.

Connection Information

You can obtain the kubeconfig file that can be used to connect a kubectl client to the cluster over the Internet or internal network.

Cluster Resources

You can view all Alibaba Cloud services and resources used by the cluster, including Resource Orchestration Service (ROS), Virtual Private Cloud (VPC), Elastic Compute Service (ECS) security group, worker Resource Access Management (RAM) role, Simple Log Service, and Server Load Balancer (SLB). To check a resource in the corresponding console, click the resource ID.

Important

The resources are managed by ACK. Do not delete or modify the resources in case your cluster and the applications in the cluster cannot function as normal.

Cluster Monitoring

ACK is integrated with Managed Service for Prometheus to allow you to monitor resources in your cluster. You can view the utilization of CPU, memory, and network resources and create alert rules. For more information, see Monitoring management.

Cluster Logs

You can view cluster logs.

Cluster Tasks

You can view information about cluster tasks, including the task status, associated resources, and start time and end time of each task. Error information is displayed for failed tasks to help you troubleshoot issues.