1、调试环境
(1)部署k8s集群,版本为1.24.2,参考文章:K8S源码分析系列1—搭建K8S调试集群,本文部署了2个节点:master、worker1。
(2)安装golang,版本为1.24.1,下载地址:https://golang.google.cn/dl/。
(3)安装dlv,版本为1.25.0
git clone https://github.com/go-delve/delve cd delve go install github.com/go-delve/delve/cmd/dlv dlv version
(4)下载k8s源码,切换tag v1.24.2
git clone https://github.com/kubernetes/kubernetes.git cd kubernetes git checkout v1.24.2
2、调试kubelet
(1)服务器编译kubelet
make all WHAT="cmd/kubelet" GOGCFLAGS="-N -l" DBG=1
(2)服务器停止kubelet
systemctl stop kubelet
(3)服务器启动dlv
dlv --listen=:18080 --headless=true --api-version=2 --accept-multiclient exec /data/jemuel/kubernetes/_output/bin/kubelet -- --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --runtime-cgroups=/systemd/system.slice --container-runtime=remote --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock --pod-infra-container-image=k8s.gcr.io/pause:3.7
(4)本地IDE配置远程调试
Goland中Run=>Debug=>Edit Configurations=>新增Go Remote
(5)本地启动调试
(6)相关问题
1. dlv启动报错:
需要设置cgroup:--runtime-cgroups=/systemd/system.slice
2. dlv启动报错:
需要设置调试选项,启用符号表、调试信息:make all WHAT=cmd/kubelet GOGCFLAGS="-N -l" DBG=1
3、调试kube-apiserver
(1)服务器编译kube-apiserver
make all WHAT="cmd/kube-apiserver" GOGCFLAGS="-N -l" DBG=1
(2)服务器停止kube-apiserver
将master节点上文件/etc/kubernetes/manifests/kube-apiserver.yaml移动到其他目录,kube-apiserver会自动停止
(3)服务器启动dlv
dlv --listen=:18081 --headless=true --api-version=2 --accept-multiclient exec /data/jemuel/kubernetes/_output/bin/kube-apiserver -- --advertise-address=10.1.8.10 --allow-privileged=true --authorization-mode=Node,RBAC --client-ca-file=/etc/kubernetes/pki/ca.crt --enable-admission-plugins=NodeRestriction --enable-bootstrap-token-auth=true --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key --etcd-servers=https://127.0.0.1:2379 --kubelet-client-certificate=/etc/kubernetes/pki/apiserver-kubelet-client.crt --kubelet-client-key=/etc/kubernetes/pki/apiserver-kubelet-client.key --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname --proxy-client-cert-file=/etc/kubernetes/pki/front-proxy-client.crt --proxy-client-key-file=/etc/kubernetes/pki/front-proxy-client.key --requestheader-allowed-names=front-proxy-client --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --requestheader-extra-headers-prefix=X-Remote-Extra- --requestheader-group-headers=X-Remote-Group --requestheader-username-headers=X-Remote-User --secure-port=6443 --service-account-issuer=https://kubernetes.default.svc.cluster.local --service-account-key-file=/etc/kubernetes/pki/sa.pub --service-account-signing-key-file=/etc/kubernetes/pki/sa.key --service-cluster-ip-range=10.96.0.0/12 --tls-cert-file=/etc/kubernetes/pki/apiserver.crt --tls-private-key-file=/etc/kubernetes/pki/apiserver.key
(4)本地IDE配置远程调试
(5)本地启动调试
4、调试kube-controller-manager
(1)服务器编译kube-controller-manager
make all WHAT="cmd/kube-controller-manager" GOGCFLAGS="-N -l" DBG=1
(2)服务器停止kube-controller-manager
将master节点上文件/etc/kubernetes/manifests/kube-controller-manager.yaml移动到其他目录,kube-controller-manager会自动停止
(3)服务器启动dlv
dlv --listen=:18082 --headless=true --api-version=2 --accept-multiclient exec /data/jemuel/kubernetes/_output/bin/kube-controller-manager -- --allocate-node-cidrs=true --authentication-kubeconfig=/etc/kubernetes/controller-manager.conf --authorization-kubeconfig=/etc/kubernetes/controller-manager.conf --bind-address=127.0.0.1 --client-ca-file=/etc/kubernetes/pki/ca.crt --cluster-cidr=10.244.0.0/16 --cluster-name=kubernetes --cluster-signing-cert-file=/etc/kubernetes/pki/ca.crt --cluster-signing-key-file=/etc/kubernetes/pki/ca.key --controllers=*,bootstrapsigner,tokencleaner --kubeconfig=/etc/kubernetes/controller-manager.conf --leader-elect=true --requestheader-client-ca-file=/etc/kubernetes/pki/front-proxy-ca.crt --root-ca-file=/etc/kubernetes/pki/ca.crt --service-account-private-key-file=/etc/kubernetes/pki/sa.key --service-cluster-ip-range=10.96.0.0/12 --use-service-account-credentials=true
(4)本地IDE配置远程调试
(5)本地启动调试
5、调试kube-scheduler
(1)服务器编译kube-scheduler
make all WHAT="cmd/kube-scheduler" GOGCFLAGS="-N -l" DBG=1
(2)服务器停止kube-scheduler
将master节点上文件/etc/kubernetes/manifests/kube-scheduler.yaml移动到其他目录,kube-scheduler会自动停止
(3)服务器启动dlv
dlv --listen=:18083 --headless=true --api-version=2 --accept-multiclient exec /data/jemuel/kubernetes/_output/bin/kube-scheduler -- --authentication-kubeconfig=/etc/kubernetes/scheduler.conf --authorization-kubeconfig=/etc/kubernetes/scheduler.conf --bind-address=127.0.0.1 --kubeconfig=/etc/kubernetes/scheduler.conf --leader-elect=true
(4)本地IDE配置远程调试
(5)本地启动调试
6、调试kube-proxy
(1)服务器编译kube-proxy
make all WHAT="cmd/kube-proxy" GOGCFLAGS="-N -l" DBG=1
(2)服务器停止kube-proxy
本文在worker1节点上调试kube-proxy,为停止worker1上的服务且不影响master上的服务,调整daemonset/kube-proxy的nodeSelector
kubectl edit daemonset/kube-proxy -n kube-system
设置nodeSelector为kubernetes.io/hostname: master
(3)获取kube-proxy配置
kubectl get cm/kube-proxy -oyaml -n kube-system
获取configmap中config.conf内容保存为/data/jemuel/kubernetes/_output/bin/config.conf,并且调整kubeconfig配置为/root/.kube/config
(4)服务器启动dlv
dlv --listen=:18084 --headless=true --api-version=2 --accept-multiclient exec /data/jemuel/kubernetes/_output/bin/kube-proxy -- --config=/data/jemuel/kubernetes/_output/bin/config.conf --hostname-override=worker1
(5)本地IDE配置远程调试
(6)本地启动调试
