# Node Problem Detector 完整部署 # 建立者: Claude Code (首席架構師) # 日期: 2026-03-28 (台北) # 用途: 偵測節點問題 (OOM, 磁碟壓力, 內核問題等) --- apiVersion: v1 kind: Namespace metadata: name: node-problem-detector labels: app: node-problem-detector --- apiVersion: v1 kind: ServiceAccount metadata: name: node-problem-detector namespace: node-problem-detector --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: node-problem-detector rules: - apiGroups: [""] resources: ["nodes"] verbs: ["get"] - apiGroups: [""] resources: ["nodes/status"] verbs: ["patch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "patch", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: node-problem-detector roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: node-problem-detector subjects: - kind: ServiceAccount name: node-problem-detector namespace: node-problem-detector --- apiVersion: apps/v1 kind: DaemonSet metadata: name: node-problem-detector namespace: node-problem-detector labels: app: node-problem-detector spec: selector: matchLabels: app: node-problem-detector template: metadata: labels: app: node-problem-detector spec: serviceAccountName: node-problem-detector containers: - name: node-problem-detector image: registry.k8s.io/node-problem-detector/node-problem-detector:v0.8.17 command: - /node-problem-detector - --logtostderr - --config.system-log-monitor=/config/kernel-monitor.json,/config/docker-monitor.json resources: limits: cpu: 100m memory: 100Mi requests: cpu: 20m memory: 50Mi securityContext: privileged: true env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName volumeMounts: - name: log mountPath: /var/log readOnly: true - name: kmsg mountPath: /dev/kmsg readOnly: true - name: localtime mountPath: /etc/localtime readOnly: true tolerations: - operator: Exists effect: NoSchedule - operator: Exists effect: NoExecute volumes: - name: log hostPath: path: /var/log/ - name: kmsg hostPath: path: /dev/kmsg - name: localtime hostPath: path: /etc/localtime