kubectl命令行管理工具
run命令
kubectl run --help 查看run命名选项参数 Usage: kubectl run NAME --image=image [--env="key=value"] [--port=port] [root@localhost ~]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3 #创建pod 命名为nginx-deployment 以官方源上的nginx镜像 端口80 创建3个副本 kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.#在以后的新版本这个命令将会取消 deployment.apps/nginx-deployment created
get命令
[root@localhost ~]# kubectl get pods #得到当前所有的pod NAME READY STATUS RESTARTS AGE nginx-7cdbd8cdc9-frqzp 1/1 Running 2 5d22h nginx-deployment-66874d484-5h678 1/1 Running 0 3m47s nginx-deployment-66874d484-m6b6m 1/1 Running 0 3m47s nginx-deployment-66874d484-s4qth 1/1 Running 0 3m47s [root@localhost ~]# kubectl get all #获取pod所有详细信息 # kubectl get pods,deploy,replicaset,service 也可以单独指定其中某个 NAME READY STATUS RESTARTS AGE pod/nginx-7cdbd8cdc9-frqzp 1/1 Running 2 5d22h pod/nginx-deployment-66874d484-5h678 1/1 Running 0 6m34s pod/nginx-deployment-66874d484-m6b6m 1/1 Running 0 6m34s pod/nginx-deployment-66874d484-s4qth 1/1 Running 0 6m34s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 5d22h NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/nginx 1/1 1 1 5d22h deployment.apps/nginx-deployment 3/3 3 3 6m34s #执行run命令会生成一个deployment deployment是k8s的默认控制器 NAME DESIRED CURRENT READY AGE NAME DESIRED CURRENT READY AGE replicaset.apps/nginx-7cdbd8cdc9 1 1 1 5d22h replicaset.apps/nginx-deployment-66874d484 3 3 3 6m34s #会创建replicaset 管理副本 [root@localhost ~]# [root@localhost ~]# kubectl get pods,deploy #显示pods 和deploy NAME READY STATUS RESTARTS AGE pod/nginx-7cdbd8cdc9-frqzp 1/1 Running 2 5d22h pod/nginx-deployment-66874d484-5h678 1/1 Running 0 13m pod/nginx-deployment-66874d484-m6b6m 1/1 Running 0 13m pod/nginx-deployment-66874d484-s4qth 1/1 Running 0 13m NAME READY UP-TO-DATE AVAILABLE AGE deployment.extensions/nginx 1/1 1 1 5d22h deployment.extensions/nginx-deployment 3/3 3 3 13m [root@localhost ~]#
通过kubectl来部署一个应用(一个生命周期)
1、创建 kubectl run nginx --replicas=3 --image=nginx:1.14 --port=80 kubectl get deploy,pods 2、发布 kubectl expose deployment nginx --port=80 --type=NodePort --target-port=80 --name=nginx-service kubectl get service 3、更新 kubectl set image deployment/nginx nginx=nginx:1.15 4、回滚 kubectl rollout history deployment/nginx kubectl rollout undo deployment/nginx 5、删除 kubectl delete deploy/nginx kubectl delete svc/nginx-service
1、创建
[root@localhost ~]# kubectl run nginx --image=nginx:latest --port=80 --replicas=3 kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead. deployment.apps/nginx created [root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-5c65579c5c-qb6mb 1/1 Running 0 4s nginx-5c65579c5c-qm9gj 1/1 Running 0 4s nginx-5c65579c5c-wrq96 1/1 Running 0 4s [root@localhost ~]#
2、发布服务
Usage: kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type] [options] #TYPE NAME --> deployment; nginx --> 就是kubectl run name(eg: 上面的nginx) ;--port=80暴露给外面访问的端口 --target-port 容器的IP ; --name 服务的名字 [root@localhost ~]# kubectl expose deployment nginx --port=80 --type=NodePort --target-port=80 --name=nginx-service service/nginx-service exposed [root@localhost ~]# [root@localhost ~]# kubectl get all #查看 NAME READY STATUS RESTARTS AGE pod/nginx-5c65579c5c-qb6mb 1/1 Running 0 11m pod/nginx-5c65579c5c-qm9gj 1/1 Running 0 11m pod/nginx-5c65579c5c-wrq96 1/1 Running 0 11m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 5d23h service/nginx-service NodePort 10.0.0.27 <none> 80:31404/TCP 5m44s #service服务已创建 NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/nginx 3/3 3 3 11m NAME DESIRED CURRENT READY AGE replicaset.apps/nginx-5c65579c5c 3 3 3 11m [root@localhost ~]# [root@localhost ~]# kubectl delete svc nginx-service #删除service服务已创建 service "nginx-service" deleted [root@localhost ~]# kubectl get all NAME READY STATUS RESTARTS AGE pod/nginx-5c65579c5c-qb6mb 1/1 Running 0 12m pod/nginx-5c65579c5c-qm9gj 1/1 Running 0 12m pod/nginx-5c65579c5c-wrq96 1/1 Running 0 12m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 5d23h NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/nginx 3/3 3 3 12m NAME DESIRED CURRENT READY AGE replicaset.apps/nginx-5c65579c5c 3 3 3 12m [root@localhost ~]# [root@localhost ~]# kubectl expose deployment nginx --port=8888 --type=NodePort --target-port=80 --name=nginx-service service/nginx-service exposed [root@localhost ~]#
[root@localhost ~]# kubectl api-resources #全称与简写的 例如service == svc NAME SHORTNAMES APIGROUP NAMESPACED KIND bindings true Binding componentstatuses cs false ComponentStatus configmaps cm true ConfigMap endpoints ep true Endpoints events ev true Event limitranges limits true LimitRange namespaces ns false Namespace nodes no false Node persistentvolumeclaims pvc true PersistentVolumeClaim persistentvolumes pv false PersistentVolume pods po true Pod podtemplates true PodTemplate replicationcontrollers rc true ReplicationController resourcequotas quota true ResourceQuota secrets true Secret serviceaccounts sa true ServiceAccount services svc true Service mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition apiservices apiregistration.k8s.io false APIService controllerrevisions apps true ControllerRevision daemonsets ds apps true DaemonSet deployments deploy apps true Deployment replicasets rs apps true ReplicaSet statefulsets sts apps true StatefulSet tokenreviews authentication.k8s.io false TokenReview localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview selfsubjectaccessreviews authorization.k8s.io false SelfSubjectAccessReview selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview subjectaccessreviews authorization.k8s.io false SubjectAccessReview horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler cronjobs cj batch true CronJob jobs batch true Job certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest leases coordination.k8s.io true Lease events ev events.k8s.io true Event daemonsets ds extensions true DaemonSet deployments deploy extensions true Deployment ingresses ing extensions true Ingress networkpolicies netpol extensions true NetworkPolicy podsecuritypolicies psp extensions false PodSecurityPolicy replicasets rs extensions true ReplicaSet networkpolicies netpol networking.k8s.io true NetworkPolicy poddisruptionbudgets pdb policy true PodDisruptionBudget podsecuritypolicies psp policy false PodSecurityPolicy clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding clusterroles rbac.authorization.k8s.io false ClusterRole rolebindings rbac.authorization.k8s.io true RoleBinding roles rbac.authorization.k8s.io true Role priorityclasses pc scheduling.k8s.io false PriorityClass storageclasses sc storage.k8s.io false StorageClass volumeattachments storage.k8s.io false VolumeAttachment [root@localhost ~]#
[root@localhost ~]# kubectl api-versions #查看api的版本 admissionregistration.k8s.io/v1beta1 apiextensions.k8s.io/v1beta1 apiregistration.k8s.io/v1 apiregistration.k8s.io/v1beta1 apps/v1 #代表这个资源组的稳定版 apps/v1beta1 #代表这个资源组的测试版1 apps/v1beta2 #代表这个资源组的测试版2 authentication.k8s.io/v1 authentication.k8s.io/v1beta1 authorization.k8s.io/v1 authorization.k8s.io/v1beta1 autoscaling/v1 autoscaling/v2beta1 autoscaling/v2beta2 batch/v1 batch/v1beta1 certificates.k8s.io/v1beta1 coordination.k8s.io/v1beta1 events.k8s.io/v1beta1 extensions/v1beta1 networking.k8s.io/v1 policy/v1beta1 rbac.authorization.k8s.io/v1 rbac.authorization.k8s.io/v1beta1 scheduling.k8s.io/v1beta1 storage.k8s.io/v1 storage.k8s.io/v1beta1 v1
查看
[root@localhost ~]# kubectl get svc,pods NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 5d23h service/nginx-service NodePort 10.0.0.80 <none> 8888:42987/TCP 33s #新建nginx-service 访问这个service 它帮你转发到证书的节点上去 NAME READY STATUS RESTARTS AGE pod/nginx-5c65579c5c-qb6mb 1/1 Running 0 14m pod/nginx-5c65579c5c-qm9gj 1/1 Running 0 14m pod/nginx-5c65579c5c-wrq96 1/1 Running 0 14m [root@localhost ~]# [root@localhost ~]# kubectl get endpoints #查看service 关联后端pod的IP是多少 NAME ENDPOINTS AGE kubernetes 192.168.1.11:6443 5d23h nginx-service 172.17.14.2:80,172.17.14.3:80,172.17.63.3:80 5m35s [root@localhost ~]# kubectl get pods -o wide #查看pod的IP对应宿主机的IP NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-5c65579c5c-qb6mb 1/1 Running 0 20m 172.17.63.3 192.168.1.12 <none> <none> nginx-5c65579c5c-qm9gj 1/1 Running 0 20m 172.17.14.2 192.168.1.13 <none> <none> nginx-5c65579c5c-wrq96 1/1 Running 0 20m 172.17.14.3 192.168.1.13 <none> <none> [root@localhost ~]# [root@localhost ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 6d nginx-service NodePort 10.0.0.80 <none> 8888:42987/TCP 69m #pod的IP端口是80-->暴露的端口是10.0.0.80:8888 ---> 外部访问端口 42987 [root@localhost ~]#
node 192.168.1.12 上 [root@localhost ~]# ipvsadm -l -n #查转发规则 类似负载均衡 轮询 IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 127.0.0.1:30001 rr -> 172.17.63.2:8443 Masq 1 0 0 TCP 127.0.0.1:42987 rr #本台机器的42987 外部访问 -> 172.17.14.2:80 Masq 1 0 0 -> 172.17.14.3:80 Masq 1 0 0 -> 172.17.63.3:80 Masq 1 0 0 TCP 172.17.63.0:30001 rr -> 172.17.63.2:8443 Masq 1 0 0 TCP 172.17.63.0:42987 rr -> 172.17.14.2:80 Masq 1 0 0 -> 172.17.14.3:80 Masq 1 0 0 -> 172.17.63.3:80 Masq 1 0 0 TCP 172.17.63.1:30001 rr -> 172.17.63.2:8443 Masq 1 0 0 TCP 172.17.63.1:42987 rr -> 172.17.14.2:80 Masq 1 0 0 -> 172.17.14.3:80 Masq 1 0 0 -> 172.17.63.3:80 Masq 1 0 0 TCP 192.168.1.12:30001 rr -> 172.17.63.2:8443 Masq 1 0 0 TCP 192.168.1.12:42987 rr -> 172.17.14.2:80 Masq 1 0 0 -> 172.17.14.3:80 Masq 1 0 0 -> 172.17.63.3:80 Masq 1 0 0 TCP 10.0.0.1:443 rr -> 192.168.1.11:6443 Masq 1 1 0 TCP 10.0.0.80:8888 rr #10.0.0.80:8888 -> 172.17.14.2:80 Masq 1 0 0 -> 172.17.14.3:80 Masq 1 0 0 #三个pod的IP -> 172.17.63.3:80 Masq 1 0 0 TCP 10.0.0.141:443 rr -> 172.17.63.2:8443 Masq 1 0 0 [root@localhost ~]# http://192.168.1.12:42987/ 或者 http://192.168.1.13:42987/ #可以访问到pod 如果访问出错 可能是node上的kube-proxy服务出问题 [root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-5c65579c5c-qb6mb 1/1 Running 0 95m nginx-5c65579c5c-qm9gj 1/1 Running 0 95m nginx-5c65579c5c-wrq96 1/1 Running 0 95m [root@localhost ~]# kubectl logs nginx-5c65579c5c-qb6mb #查看日志 这个节点接收到了请求 2019/09/09 13:40:22 [error] 6#6: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 172.17.63.1, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "192.168.1.12:42987" 172.17.63.1 - - [09/Sep/2019:13:40:21 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0" "-" 172.17.63.1 - - [09/Sep/2019:13:40:22 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0" "-" [root@localhost ~]# kubectl logs nginx-5c65579c5c-qm9gj [root@localhost ~]# kubectl logs nginx-5c65579c5c-wrq96 [root@localhost ~]#
3、更新
[root@localhost ~]# kubectl set image deployment/nginx nginx=nginx:1.15 #更换nginx的版本 #重新访问http://192.168.1.12:42987/ 或者 http://192.168.1.13:42987/ 查看请求头找nginx的版本 deployment.extensions/nginx image updated [root@localhost ~]# kubectl get pods -w #实时获取pod更新状态 创建新的 替换旧的 NAME READY STATUS RESTARTS AGE nginx-5c65579c5c-qb6mb 1/1 Running 0 114m nginx-5c65579c5c-qm9gj 1/1 Running 0 114m nginx-5c65579c5c-wrq96 1/1 Running 0 114m nginx-6974f8bfbc-7j7wj 0/1 ContainerCreating 0 12s
4、回滚
[root@localhost ~]# kubectl rollout history deploy/nginx 或者 kubectl rollout history deployment/nginx #查看历史版本 deployment.extensions/nginx REVISION CHANGE-CAUSE 1 <none> 2 <none> [root@localhost ~]# [root@localhost ~]# kubectl rollout undo deployment/nginx #回滚上一个版本 deployment.extensions/nginx rolled back [root@localhost ~]# [root@localhost ~]# kubectl rollout status deployment/nginx #查看回滚状态 deployment "nginx" successfully rolled out [root@localhost ~]#
5、删除 不能直接删除pod 应该删除控制器 例如deployment/nginx
[root@localhost ~]# kubectl delete deploy/nginx #删除控制器 deployment.extensions "nginx" deleted [root@localhost ~]# kubectl delete svc/nginx-service #删除服务 service "nginx-service" deleted [root@localhost ~]# kubectl get deploy No resources found. [root@localhost ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 6d1h [root@localhost ~]#
其它命令
[root@localhost ~]# kubectl run nginx --image=nginx --port=80 --replicas=3 #重新创建 kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead. deployment.apps/nginx created [root@localhost ~]# kubectl describe pod #查看所有pod的详细信息
Name: nginx-57867cc648-d6vk2 Namespace: default Priority: 0 PriorityClassName: <none> Node: 192.168.1.12/192.168.1.12 Start Time: Mon, 09 Sep 2019 22:14:59 +0800 Labels: pod-template-hash=57867cc648 run=nginx Annotations: <none> Status: Running IP: 172.17.63.3 Controlled By: ReplicaSet/nginx-57867cc648 Containers: nginx: Container ID: docker://095175d61212ced90f1c6f1cceb3ab94ba47ec649de22d7c250e7452d19bc24f Image: nginx Image ID: docker-pullable://nginx@sha256:099019968725f0fc12c4b69b289a347ae74cc56da0f0ef56e8eb8e0134fc7911 Port: 80/TCP Host Port: 0/TCP State: Running Started: Mon, 09 Sep 2019 22:15:02 +0800 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-4zq5b (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-4zq5b: Type: Secret (a volume populated by a Secret) SecretName: default-token-4zq5b Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 50s default-scheduler Successfully assigned default/nginx-57867cc648-d6vk2 to 192.168.1.12 Normal Pulling 48s kubelet, 192.168.1.12 pulling image "nginx" Normal Pulled 48s kubelet, 192.168.1.12 Successfully pulled image "nginx" Normal Created 48s kubelet, 192.168.1.12 Created container Normal Started 47s kubelet, 192.168.1.12 Started container Name: nginx-57867cc648-gdjhv Namespace: default Priority: 0 PriorityClassName: <none> Node: 192.168.1.13/192.168.1.13 Start Time: Mon, 09 Sep 2019 22:14:59 +0800 Labels: pod-template-hash=57867cc648 run=nginx Annotations: <none> Status: Running IP: 172.17.14.3 Controlled By: ReplicaSet/nginx-57867cc648 Containers: nginx: Container ID: docker://51bcf83200571017c62e480b204c7cdbff8a561aa05aec30caaa9fa495a58323 Image: nginx Image ID: docker-pullable://nginx@sha256:099019968725f0fc12c4b69b289a347ae74cc56da0f0ef56e8eb8e0134fc7911 Port: 80/TCP Host Port: 0/TCP State: Running Started: Mon, 09 Sep 2019 22:15:24 +0800 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-4zq5b (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-4zq5b: Type: Secret (a volume populated by a Secret) SecretName: default-token-4zq5b Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 50s default-scheduler Successfully assigned default/nginx-57867cc648-gdjhv to 192.168.1.13 Normal Pulling 25s kubelet, 192.168.1.13 pulling image "nginx" Normal Pulled 25s kubelet, 192.168.1.13 Successfully pulled image "nginx" Normal Created 25s kubelet, 192.168.1.13 Created container Normal Started 25s kubelet, 192.168.1.13 Started container Name: nginx-57867cc648-hhpbm Namespace: default Priority: 0 PriorityClassName: <none> Node: 192.168.1.13/192.168.1.13 Start Time: Mon, 09 Sep 2019 22:14:59 +0800 Labels: pod-template-hash=57867cc648 run=nginx Annotations: <none> Status: Running IP: 172.17.14.2 Controlled By: ReplicaSet/nginx-57867cc648 Containers: nginx: Container ID: docker://c7c5979f03056e7ebc9a64d655754feaf25e0e829d088a957da58253c34292ef Image: nginx Image ID: docker-pullable://nginx@sha256:099019968725f0fc12c4b69b289a347ae74cc56da0f0ef56e8eb8e0134fc7911 Port: 80/TCP Host Port: 0/TCP State: Running Started: Mon, 09 Sep 2019 22:15:24 +0800 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-4zq5b (ro) Conditions: Type Status Initialized True Ready True ContainersReady True PodScheduled True Volumes: default-token-4zq5b: Type: Secret (a volume populated by a Secret) SecretName: default-token-4zq5b Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 50s default-scheduler Successfully assigned default/nginx-57867cc648-hhpbm to 192.168.1.13 Normal Pulling 26s kubelet, 192.168.1.13 pulling image "nginx" Normal Pulled 25s kubelet, 192.168.1.13 Successfully pulled image "nginx" Normal Created 25s kubelet, 192.168.1.13 Created container Normal Started 25s kubelet, 192.168.1.13 Started container [root@localhost ~]#
[root@localhost ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-57867cc648-d6vk2 1/1 Running 0 2m44s nginx-57867cc648-gdjhv 1/1 Running 0 2m44s nginx-57867cc648-hhpbm 1/1 Running 0 2m44s [root@localhost ~]# kubectl describe pod nginx-57867cc648-d6vk2 查看单个pod [root@localhost ~]# kubectl describe deployment/nginx #查看deployment详细信息 [root@localhost ~]# kubectl exec -it nginx-57867cc648-d6vk2 bash #进入一个pod root@nginx-57867cc648-d6vk2:/#
kubectl patch命令日常用法
