kubectl 命令行工具

发布时间: 更新时间: 总字数:2278 阅读时间:5m 作者: IP上海 分享 网址

k8s 常用命令

kubectl 命令分类

kubectl 的命令分为3类:

  • 陈述式命令(Imperative Commands),如run、expose、delete、get等
  • 陈述式对象命令(Imperative Object Commands):create -f, delete -f, replace -f
  • 声明式对象命令(Declarative Object Commands):apply -f

基础命令

bash completion

# 在 bash 中设置当前 shell 的自动补全,依赖:apt install bash-completion
source <(kubectl completion bash)

# 在 bash 中设置永久自动补全
echo "source <(kubectl completion bash)" >> ~/.bashrc

version

client和server的版本信息

  • client端kubectl版本信息
  • server端k8s版本信息
kubectl version

config

切换空间

$ kubectl config set-context $(kubectl config current-context) --namespace=<insert-namespace-name-here>
# Validate it
$ kubectl config view | grep namespace:

namespace

kubectl get ns
kubectl get namespaces
kubectl get ns/default
kubectl get ns/default -o [wide|yaml|json]

kubectl create namespace dev
kubectl describe ns/default

kubectl delete namespace dev
kubectl delete ns/dev
kubectl delete ns/dev ns/testing
# cat namespace-dev.yaml
apiVersion: v1
kind: Namespace
metadata:
name: dev
  • 切换空间
kubectl config set-context $(kubectl config current-context) --namespace=<insert-namespace-name-here>

components

查看scheduler/controller-manager/etcd等组件 Healthy

kubectl get cs -o wide
kubectl get componentstatus

cluster info

查看kubernetes master(apiserver)组件running

kubectl cluster-info

api-resources

kubectl api-resources

api-versions

kubectl api-versions

get

  • 获取当前命名空间的所有资源
kubectl get all
  • 获取指定类型的跨命名空间的所有资源
kubectl get pod -A
kubectl get ingress -A
kubectl get ingressroute -A

set

更新镜像

kubectl set image deployment/nginx-deployment nginx=nginx:1.9.1

patch

kubectl patch deployment nginx-deployment -p '{"spec":{"replicas":5}}'
kubectl patch deployment nginx-deployment -p '{"spec":{"strategy":{"roolingUpdate": {"maxSurge":1, "maxUnavailable": 0}}}}'

Nodes

get

kubectl get nodes
kubectl get nodes -o wide
kubectl get nodes --show-labels

describe

kubectl describe nodes

cordon

cordon 用来为节点配置警戒线:设置完后 node 节点的 STATUS 会加上 SchedulingDisabled 标记,表示此节点处于不可调度的状态。已经在此节点上运行的 Pod 不会被删除

kubectl cordon node1
kubectl uncordon node1

drain

drain 用来为节点配置污点:设置完后该节点不可调度,容器会驱散

kubectl drain node1 --ignore-daemonsets

explain

kube api 文档,帮助开发人员查看yaml配置信息

kubectl explain <type>.<fieldName>[.<fieldName>]

kubectl explain pod
kubectl explain pod.kind
kubectl explain pod.spec
kubectl explain pod.spec.containers.lifecycle
...
  • kubectl explain pod
kubectl explain pod
# kubectl explain pod
KIND:     Pod
VERSION:  v1

DESCRIPTION:
     Pod is a collection of containers that can run on a host. This resource is
     created by clients and scheduled onto hosts.

FIELDS:
   apiVersion	<string>
     APIVersion defines the versioned schema of this representation of an
     object. Servers should convert recognized schemas to the latest internal
     value, and may reject unrecognized values. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

   kind	<string>
     Kind is a string value representing the REST resource this object
     represents. Servers may infer this from the endpoint the client submits
     requests to. Cannot be updated. In CamelCase. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

   metadata	<Object>
     Standard object's metadata. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

   spec	<Object>
     Specification of the desired behavior of the pod. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

   status	<Object>
     Most recently observed status of the pod. This data may not be up to date.
     Populated by the system. Read-only. More info:
     https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
  • kubectl explain pod.spec.containers.lifecycle
kubectl explain pod lifecycle
# kubectl explain pod.spec.containers.lifecycle
KIND:     Pod
VERSION:  v1

RESOURCE: lifecycle <Object>

DESCRIPTION:
     Actions that the management system should take in response to container
     lifecycle events. Cannot be updated.

     Lifecycle describes actions that the management system should take in
     response to container lifecycle events. For the PostStart and PreStop
     lifecycle handlers, management of the container blocks until the action is
     complete, unless the container process fails, in which case the handler is
     aborted.

FIELDS:
   postStart	<Object>
     PostStart is called immediately after a container is created. If the
     handler fails, the container is terminated and restarted according to its
     restart policy. Other management of the container blocks until the hook
     completes. More info:
     https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

   preStop	<Object>
     PreStop is called immediately before a container is terminated due to an
     API request or management event such as liveness/startup probe failure,
     preemption, resource contention, etc. The handler is not called if the
     container crashes or exits. The reason for termination is passed to the
     handler. The Pod's termination grace period countdown begins before the
     PreStop hooked is executed. Regardless of the outcome of the handler, the
     container will eventually terminate within the Pod's termination grace
     period. Other management of the container blocks until the hook completes
     or until the termination grace period is reached. More info:
     https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Pod, Pod Controller, Service

示例:

  • Deployment -> nginx-dp -> nginx pod
  • Service -> nginx-dp

下面依次创建Pod、svc,资源如下:

kubectl get all
NAME                                          READY   STATUS    RESTARTS   AGE
pod/nginx-dp-5cc7cc95cb-ll4s4                 1/1     Running   0          71s

NAME                             TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
service/kubernetes               ClusterIP   10.116.0.1     <none>        443/TCP   2d1h

NAME                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/nginx-dp                 1/1     1            1           72s

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/nginx-dp-5cc7cc95cb                 1         1         1       73s

Pod

查看所有集群pod状态

kubectl get pods
kubectl get pods -n kube-public
kubectl get pods -n kube-system
kubectl get pods --all-namespaces
kubectl get pods --all-namespaces -o wide

# 查看 pod 的 uuid,与 /var/lib/kubelet/pods/<uuid> 向对应
kubectl get pods -A -o custom-columns=NodeName:.spec.nodeName,PodName:.metadata.name,PodUID:.metadata.uid

根据标签获取pod

kubectl get pod -l app,release
kubectl get pod -l app=demo --show-labels
kubectl get pod -l app=nginx --show-labels

kubectl get pod -l "app in (nginx, demo)"

kubectl get pod nginx -o wide

# 非默认namespace,需要指定具体namespace
kubectl -n kube-system get pods -o wide

强制删除pod

kubectl delete pods <pod> --grace-period=0 --force

kubectl exec

进入容器执行命令:

kubectl exec (POD | TYPE/NAME) [-c CONTAINER] [flags] -- COMMAND [args...] [options]
kubectl exec <pod-name> -- pwd
kubectl exec pod/<pod-name> -it -- [/bin/sh|bash]
  • sidecar容器访问
kubectl exec -n <namespace> -it <pod-name> -c <container-name> -- [/bin/sh|bash]

kubectl logs

查看容器日志:

kubectl logs -f pod/<pod-name>
  • sidecar容器访问
kubectl logs [-f] [-p] (POD | TYPE/NAME) [-c CONTAINER] [options]
kubect logs --tail=5 -n <namespace> <pod-name> -c <container-name>
  • 之前崩溃容器的日志
kubectl logs --previous (POD | TYPE/NAME) [-c CONTAINER] [options]

kubectl port-forward

解决服务暴露问题

kubectl port-forward <pod-name> 8080:<pod-port>
kubectl port-forward service/<service-name> 8080:<service-port>
kubectl port-forward <ingress-pod-name> 8080:<ingress-port>

示例:

kubectl port-forward svc/kubernetes-dashboard 8443:443 -n kubernetes-dashboard

Deployment

kubectl get deployment
  • 创建资源
kubectl create deployment nginx-dp --image=nginx
kubectl get pod -o wide
# 在master节点访问资源
curl <pod-ip>
# 删除pod
kubectl delete pod/nginx-dp-5cc7cc95cb-ll4s4

SVC

kubectl create service -h
# kubectl create service -h
Create a service using specified subcommand.

Aliases:
service, svc

Available Commands:
  clusterip    Create a ClusterIP service.
  externalname Create an ExternalName service.
  loadbalancer Create a LoadBalancer service.
  nodeport     Create a NodePort service.

Usage:
  kubectl create service [flags] [options]

Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).
# kubectl create service clusterip -h
Create a ClusterIP service with the specified name.

Examples:
  # Create a new ClusterIP service named my-cs
  kubectl create service clusterip my-cs --tcp=5678:8080

  # Create a new ClusterIP service named my-cs (in headless mode)
  kubectl create service clusterip my-cs --clusterip="None"

Options:
      --allow-missing-template-keys=true: If true, ignore any errors in templates when a field or
map key is missing in the template. Only applies to golang and jsonpath output formats.
      --clusterip='': Assign your own ClusterIP or set to 'None' for a 'headless' service (no
loadbalancing).
      --dry-run='none': Must be "none", "server", or "client". If client strategy, only print the
object that would be sent, without sending it. If server strategy, submit server-side request
without persisting the resource.
      --field-manager='kubectl-create': Name of the manager used to track field ownership.
  -o, --output='': Output format. One of:
json|yaml|name|go-template|go-template-file|template|templatefile|jsonpath|jsonpath-as-json|jsonpath-file.
      --save-config=false: If true, the configuration of current object will be saved in its
annotation. Otherwise, the annotation will be unchanged. This flag is useful when you want to
perform kubectl apply on this object in the future.
      --tcp=[]: Port pairs can be specified as '<port>:<targetPort>'.
      --template='': Template string or path to template file to use when -o=go-template,
-o=go-template-file. The template format is golang templates
[http://golang.org/pkg/text/template/#pkg-overview].
      --validate=true: If true, use a schema to validate the input before sending it

Usage:
  kubectl create service clusterip NAME [--tcp=<port>:<targetPort>] [--dry-run=server|client|none]
[options]

Use "kubectl options" for a list of global command-line options (applies to all commands).
  • 查看所有集群服务状态
kubectl get svc --all-namespaces

创建clusterip

kubectl create service clusterip nginx-dp --tcp=80:80
  • 查看
kubectl get svc/nginx-dp -o wide
kubectl describe svc/nginx-dp
  • 访问
  1. 通过clusterip可以访问到nginx的服务
kubectl get svc -n kube-system
  1. 通过域名访问,查看coredns/kube-dns的地址,修改/etc/resolv.confnameserver
  2. 访问域名nginx-dp.default.svc.cluster.local

创建nodeport

# kubectl create service nodeport nginx-dp --tcp=80:80
service/nginx-dp created
# kubectl get svc
NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
nginx-dp                 NodePort    10.116.14.211   <none>        80:32761/TCP   45s

通过nodeip:32761访问,该实现通过iptable dnat实现

Label

为指定节点设置label

kubectl label nodes <node-name> <label-key>=<label-value>
kubectl label nodes 172.20.20.20 edgenode=true

确认节点label是否设置成功

kubectl get nodes -l ‘label_key=label_value’

获取 statefulset

kubectl get statefulset

删除statefulsets

[root@xiexianbin_cn ~]# kubectl get statefulsets
NAME            DESIRED   CURRENT   AGE
mariadb   2         2         1d
[root@xiexianbin_cn ~]# kubectl delete statefulsets mariadb
statefulset "mariadb" deleted
kubectl delete statefulsets mariadb -n openstack --force

弹性伸缩

# kubectl scale --replicas=3 deployment nginx-dp
deployment.apps/nginx-dp scaled
# kubectl describe svc/nginx-dp
Name:              nginx-dp
Namespace:         default
Labels:            app=nginx-dp
Annotations:       <none>
Selector:          app=nginx-dp
Type:              ClusterIP
IP:                10.116.6.228
Port:              80-80  80/TCP
TargetPort:        80/TCP
Endpoints:         10.112.0.7:80,10.112.1.9:80,10.112.2.7:80
Session Affinity:  None
Events:            <none>

autoscale

kubectl autoscale deployment nginx-deployment --min=10 --max=15 --cpu-percent=80

rollout

# 查看 rollout 情况
kubectl rollout status deployment
kubectl rollout status deployment nginx-deployment

# 查看历史
kubectl rollout history

# 回滚
kubectl rollout undo deployment/nginx-deployment

# 暂停更新,仅创建新 pod ,不执行删除动作
kubectl rollout pause deployment/nginx-deployment
# 继续更新,执行删除动作
kubectl rollout resume deployment/nginx-deployment

YAML 文件

快速编写 YAML

  • kubectl run 生成模板
kubectl create deployment nginx --image=nginx:latest -o yaml --dry-run=client > nginx-deploy.yaml
  • kubectl get 导出已有应用模板
kubectl get my-deploy/nginx -o yaml --export  > my-deploy.yaml

create/apply

kubectl create -f a.yaml
kubectl apply -f a.yaml
kubectl replace -f a.yaml

其他工具

Home Archives Categories Tags Statistics
本文总阅读量 次 本站总访问量 次 本站总访客数