cka真题笔记

1.列出pod并排序

[root@node-21-243 ~]# kubectl get pods -n kube-system --sort-by={.metadata.name}
NAME                                       READY   STATUS    RESTARTS   AGE
calico-kube-controllers-7cbcff948f-tlwvj   1/1     Running   0          78d
calico-node-ls4vc                          1/1     Running   0          78d
coredns-w9p7k                              1/1     Running   0          78d
etcd-node-21-243                           1/1     Running   12         78d
kube-apiserver-node-21-243                 1/1     Running   15         78d
kube-controller-manager-node-21-243        1/1     Running   36         78d
kube-proxy-vvh4m                           1/1     Running   0          78d
kube-scheduler-node-21-243                 1/1     Running   35         78d
tiller-deploy-c67dm                        1/1     Running   0          78d

2.找出pod中的错误日志

平时的使用中,常用到-f和--since=3s参数,-f持续输出,--since只输出前面多久的,防止日志太多。

下面的原理,使用kubectl logs打印所有日志,通过管道传送,使用grep进行过滤之后写入文件中。

[root@node-21-243 ~]# kubectl logs  kube-apiserver-node-21-243 -n kube-system | grep error > error.log

3.创建一个pod ,并调度到某个节点上

[root@node-21-243 ~]# kubectl label node node-21-243 teststatus=lxh
node/node-21-243 labeled

[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    env: test
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  nodeSelector:
    teststatus: lxh
[root@node-21-243 ~]# kubectl create -f pods.yaml

如果记不住pods格式的,直接官网查https://kubernetes.io/zh/docs/concepts/scheduling-eviction/assign-pod-node/。

4.列出正常节点的个数

[root@node-21-243 ~]# kubectl get nodes | awk '{print $2}' |grep Ready | wc -l
1

5.pod中挂载volume

[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: test-pd
spec:
  containers:
  - image: k8s.gcr.io/test-webserver
    name: test-container
    volumeMounts:
    - mountPath: /cache
      name: cache-volume
  volumes:
  - name: cache-volume
    emptyDir: {}
[root@node-21-243 ~]# kubectl create -f pods.yaml

官方链接:https://kubernetes.io/zh/docs/concepts/storage/volumes/

6.提供一个pod,添加init-container ,在container中添加一个空文件,启动的时候。在另一个containre中检测是否有这个文件,否则退出

[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox:1.28
    command: ['sh', '-c', 'cat /tmp/001.txt']
    volumeMounts:
    - mountPath: /tmp
      name: cache-volume
  initContainers:
  - name: init-myservice
    image: busybox:1.28
    command: ['sh', '-c', "touch /tmp/001.txt"]
    volumeMounts:
    - mountPath: /tmp
      name: cache-volume
  volumes:
  - name: cache-volume
    emptyDir: {}
[root@node-21-243 ~]# kubectl create -f pods.yaml

参考:

https://kubernetes.io/zh/docs/concepts/storage/volumes/

https://kubernetes.io/zh/docs/concepts/workloads/pods/init-containers/

7.创建pod,再创建一个service

[root@node-21-243 ~]# vi services.yaml
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376
[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: MyApp
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
[root@node-21-243 ~]# kubectl create -f pods.yaml
[root@node-21-243 ~]# kubectl create -f services.yaml

如果pods已经存在的话,可以用label命令添加或者修改label:

kubectl label pods nginx app=MyApp

8.在一个pod中创建2个容器,如redis+nginx

[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: MyApp
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  - name: redis
    image: redis
    imagePullPolicy: IfNotPresent
[root@node-21-243 ~]# kubectl create -f pods.yaml

9.找到指定service下的pod中,cpu利用率按高到底排序

kubectl top pods --selector="app=demo" | grep -v NAME | sort -k 2 -nr

10.创建一个简单的daemonset

[root@node-21-243 ~]# vi daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd-elasticsearch
  namespace: kube-system
  labels:
    k8s-app: fluentd-logging
spec:
  selector:
    matchLabels:
      name: fluentd-elasticsearch
  template:
    metadata:
      labels:
        name: fluentd-elasticsearch
    spec:
      containers:
      - name: fluentd-elasticsearch
        image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
[root@node-21-243 ~]# kubectl create -f daemonset.yaml

官方:https://kubernetes.io/zh/docs/concepts/workloads/controllers/daemonset/

11.deployment的扩容 ,scale命令

kubectl scale --current-replicas=2 --replicas=3 deployment/mysql

直接kubectl scale --help,就可以看到官方命令案例。

12 创建secret,有一个password字段(手动base64加密),创建两个pod引用该secret,一个用env ,一个用volume来调用

[root@node-21-243 ~]# base64
adminYWRtaW4=
[root@node-21-243 ~]# echo -n admin | base64
YWRtaW4=
[root@node-21-243 ~]# echo -n password | base64
cGFzc3dvcmQ=
[root@node-21-243 ~]# echo -n "password" | base64
cGFzc3dvcmQ=

[root@node-21-243 ~]# vi secret.yaml
apiVersion: v1
data:
  username: YWRtaW4=
  password: MWYyZDFlMmU2N2Rm
kind: Secret
metadata:
  name: mysecret
  namespace: default
type: Opaque
[root@node-21-243 ~]# kubectl create -f secret.yaml

[root@node-21-243 ~]# vi pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
  - name: mypod
    image: redis
    volumeMounts:
    - name: foo
      mountPath: "/etc/foo"
      readOnly: true
  volumes:
  - name: foo
    secret:
      secretName: mysecret
[root@node-21-243 ~]# kubectl create -f pod.yaml

[root@node-21-243 ~]# vi pod1.yaml
apiVersion: v1
kind: Pod
metadata:
  name: secret-env-pod
spec:
  containers:
  - name: mycontainer
    image: redis
    env:
      - name: SECRET_USERNAME
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: username
      - name: SECRET_PASSWORD
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: password
  restartPolicy: Never
[root@node-21-243 ~]# kubectl create -f pod1.yaml

官方:https://kubernetes.io/zh/docs/concepts/configuration/secret/

13.先将nginx:1.9的deployment,升级到nginx:1.11,记录下来(—record),然后回滚到1.9

14.使用 nslookup 查看service 和pod的dns

# 查看 dns
$ kubectl run -it --image busybox:1.28.4  dnstest --rm /bin/sh

# 查看 sevice
$ nslookup svc-demo.kube-system.svc.cluster.local

# 查看 pod
# 查看pod ip时,要把1.2.3.4换成1-2-3-4,否则会报错
$ nslookup 1-2-3-4.default.pod.cluster.local

官方:https://kubernetes.io/zh/docs/tasks/debug-application-cluster/debug-service/

15.etcdctl 来 备份etcd

ETCDCTL_API=3 etcdctl --cacert=/opt/kubernetes/ssl/ca.pem --cert=/opt/kubernetes/ssl/server.pem --key=/opt/kubernetes/ssl/server-key.pem --endpoints=https://192.168.1.36:2379 snapshot save date.db

官方:https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/

16.static pod 的使用

mkdir /etc/kubelet.d/
cat <<EOF >/etc/kubelet.d/static-web.yaml
apiVersion: v1
kind: Pod
metadata:
  name: static-web
  labels:
    role: myrole
spec:
  containers:
    - name: web
      image: nginx
      ports:
        - name: web
          containerPort: 80
          protocol: TCP
EOF

#配置这个节点上的 kubelet,使用这个参数执行 --pod-manifest-path=/etc/kubelet.d/。 在 Fedora 上编辑 /etc/kubernetes/kubelet 以包含下行:
KUBELET_ARGS="--cluster-dns=10.254.0.10 --cluster-domain=kube.local --pod-manifest-path=/etc/kubelet.d/"

systemctl restart kubelet

17.在一个新的namespace创建pod

[root@node-21-243 ~]# kubectl create namespace my-namespace
[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  namespace: my-namespace
  labels:
    app: MyApp
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  - name: redis
    image: redis
    imagePullPolicy: IfNotPresent
[root@node-21-243 ~]# kubectl create -f pods.yaml

18.pv 类型 hostpath 位置在/data,大小为1G, readonly 模式

[root@node-21-243 ~]# vi PersistentVolume.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: example-pv
spec:
  capacity:
    storage: 1Gi
  volumeMode: Filesystem
  accessModes:
  - ReadOnlyMany
  persistentVolumeReclaimPolicy: Delete
  storageClassName: local-storage
  local:
    path: /data
[root@node-21-243 ~]# kubectl create -f PersistentVolume.yaml

官方:https://kubernetes.io/docs/concepts/storage/volumes/

19.给pod创建service

[root@node-21-243 ~]# vi services.yaml
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376
[root@node-21-243 ~]# kubectl create -f services.yaml

20.使用node selector,选择disk为ssd的机器调度

[root@node-21-243 ~]# kubectl label node node-21-243 disk=ssd
node/node-21-243 labeled

[root@node-21-243 ~]# vi pods.yaml
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    env: test
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  nodeSelector:
    disk: ssd
[root@node-21-243 ~]# kubectl create -f pods.yaml

21.把一个node弄成unavailable 并且把上边的pod重新调度去新的node上

 kubectl drain ${node-name} --delete-local-data=true --ignore-daemonsets=true
 
 kubectl drain ${node-name} --force

使用中最重要的两东西,一个是kubelet explain,一个是后面加--help。

参考链接:
https://cloud.tencent.com/developer/article/1638808

posted @ 2022-01-06 11:19  红雨520  阅读(211)  评论(0编辑  收藏  举报