Openshift ManageIQ上次刷新：HTTP状态代码403，用户无法列出集群中的所有POD_Openshift_Monitoring_Manageiq

Openshift ManageIQ上次刷新：HTTP状态代码403，用户无法列出集群中的所有POD

openshift monitoring

Openshift ManageIQ上次刷新：HTTP状态代码403，用户无法列出集群中的所有POD,openshift,monitoring,manageiq,Openshift,Monitoring,Manageiq,我尝试使用manageiq与openshift建立监控连接。容器提供程序已成功生成但问题是此连接无法刷新。我将身份验证模式设置为httpd，如下所示但是，此配置抛出403错误请参阅ssl_error.log和evm.log ==ssl\u error.log== [Sat Jun 03 00:39:59.440542 2017] [proxy:error] [pid 2049] (111)Connection refused: AH00957: HTTP: attempt to co

我尝试使用manageiq与openshift建立监控连接。容器提供程序已成功生成

但问题是此连接无法刷新。我将身份验证模式设置为httpd，如下所示

但是，此配置抛出403错误

请参阅ssl_error.log和evm.log

==ssl\u error.log==

[Sat Jun 03 00:39:59.440542 2017] [proxy:error] [pid 2049] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3002 (0.0.0.0) failed
[Sat Jun 03 00:39:59.440548 2017] [proxy:error] [pid 2049] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[Sat Jun 03 00:39:59.440550 2017] [proxy_http:error] [pid 2049] [client 172.17.0.1:43722] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/ems_container/1
[Sat Jun 03 00:39:59.570938 2017] [proxy:error] [pid 2049] (111)Connection refused: AH00957: HTTP: attempt to connect to 0.0.0.0:3001 (0.0.0.0) failed
[Sat Jun 03 00:39:59.570960 2017] [proxy:error] [pid 2049] AH00959: ap_proxy_connect_backend disabling worker for (0.0.0.0) for 60s
[Sat Jun 03 00:39:59.570963 2017] [proxy_http:error] [pid 2049] [client 172.17.0.1:43722] AH01114: HTTP: failed to make connection to backend: 0.0.0.0, referer: https://localhost:8443/ems_container/1

==evm.log==

[----] E, [2017-06-03T00:43:41.697865 #2327:2ad9e81e2b4c] ERROR -- : MIQ(ManageIQ::Providers::Openshift::ContainerManager::EventCatcher::Runner#start_event_monitor) EMS [console.starter-us-east-1.openshift.com] as [] Event Monitor Thread aborted because [User "gladiator67@naver.com" cannot list all events in the cluster]
[----] E, [2017-06-03T00:43:41.698127 #2327:2ad9e81e2b4c] ERROR -- : [KubeException]: User "gladiator67@naver.com" cannot list all events in the cluster  Method:[rescue in block in start_event_monitor]
[----] E, [2017-06-03T00:43:41.698272 #2327:2ad9e81e2b4c] ERROR -- : /opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/kubeclient-2.3.0/lib/kubeclient/common.rb:107:in `rescue in handle_exception'
/opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/kubeclient-2.3.0/lib/kubeclient/common.rb:99:in `handle_exception'
/opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/kubeclient-2.3.0/lib/kubeclient/common.rb:258:in `get_entities'
/opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/kubeclient-2.3.0/lib/kubeclient/common.rb:169:in `block (2 levels) in define_entity_methods'
/opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/gems/kubeclient-2.3.0/lib/kubeclient/common.rb:79:in `method_missing'
/opt/rubies/ruby-2.3.1/lib/ruby/gems/2.3.0/bundler/gems/manageiq-gems-pending-e0f3ea8755bf/lib/gems/pending/kubernetes/events/kubernetes_event_monitor.rb:32:in `each'
/var/www/miq/vmdb/app/models/manageiq/providers/kubernetes/container_manager/event_catcher_mixin.rb:41:in `monitor_events'
/var/www/miq/vmdb/app/models/manageiq/providers/base_manager/event_catcher/runner.rb:164:in `block in start_event_monitor'

更新那么我如何在openshift online上只监控我自己的项目呢？在manageiq Docker容器上不可能吗？下面的代码是显示我的openshift项目的openshift Java客户端代码

    IClient client = new ClientBuilder("https://console.starter-us-east-1.openshift.com")
                        .withUserName("gladiator67@naver.com")
                        .withPassword("111111")
                        .build();

client.getAuthorizationContext().setToken("is-ildn...");

                System.out.println("=======================================================================");
System.out.println(client.getOpenShiftAPIVersion() + ", " + client.getServerReadyStatus());
    System.out.println("\n========================Openshift Project====================================");
    IProject project = (IProject)client.getResourceFactory().stub(ResourceKind.PROJECT, "josephproject-openshift");
    System.out.println("Openshift API version : " + project.getApiVersion() 
                    +", Project namespace : " + project.getNamespace() + ", Project name : " + project.getName());

结果显示了我的openshift项目信息

=======================================================================
v1, ok

========================Openshift Project====================================
Openshift API version : v1, Project namespace : josephproject-openshift, Project name : josephproject-openshift

我想我可以在manageiq上监视我的openshift项目，就像这些客户端代码一样。

openshift Online没有为您提供足够的访问权限来授予应用程序

群集读取器

访问权限。给你

集群阅读器

访问权限意味着你可以看到集群中每个人的项目列表，对于其他人使用的共享环境来说，这并不是你真正想要给非管理员的人的东西

您在OpenShift Online中运行ManageIQ的能力将非常有限。它打算由管理员为整个群集安装，只有在管理员需要时才授予非管理员用户访问权限。

谢谢您的详细解释。云你检查我的更新部分的线程，请？你到底想监测什么，OpenShift网络控制台没有提供给你？web控制台为应用程序pod提供度量图表，并具有日志记录功能。us-east-1上的这些应用程序出现了一些问题，而且由于ManageIQ可能使用相同的基础度量提供程序，因此现在也可能无法对这些应用程序起作用。此外，这是为以后尝试监控您可能在付费层中运行的应用程序做准备。在初学者层中使用ManageIQ并没有多大意义，因为ManageIQ会占用您一半或更多的资源分配，使您很难部署要监视的应用程序。非常感谢您的建议。这真的很有帮助。api.starter-us-east-1.openshift.com的一些问题已经解决，然后，我再次尝试在ManageIQ中配置openshift监控实例。但同样可怕的错误消息被抛出HTTP状态代码403，用户“gladiator67@naver.com“无法列出集群中的所有POD，evm.log中出现相同错误，如有任何想法，将不胜感激！