获取K8s节点Shell

登录 Pod 所在节点的 Shell 脚本

 #!/usr/bin/env bash
#
# author: liy
# filename: entry_node.sh
 
if [ $# -lt 1 ];then
    printf "Usage: %s <Pod> [Namespace]\n" "$0"
    printf "    The pod parameter is the name of the target pod that needs to be debugged\n"
    printf "    The namespace paramater is the namespace where the target pod is located\n"
    exit 1
fi
 
for cmd in jq
do
    which $cmd &>/dev/null
    if [ $? -ne 0 ];then
        echo "$cmd command not found"
        exit
    fi
done
 
pod="$1"
namespace="${2:-default}"
nodename="$(kubectl get pod $pod -n $namespace -o json | jq -r '.spec.nodeName')"
cmd='[ "nsenter", "--target", "1", "--mount", "--uts", "--ipc", "--net", "--pid", "--", "bash"]'
container_id="$(kubectl get pod $pod -n $namespace -o json | jq -r '.status.containerStatuses[].containerID')"
container_id="${container_id/containerd:\/\/}"
pod="kube-nodeshell-$(env LC_ALL=C tr -dc a-z0-9 </dev/random | head -c 6)"
template='{"spec": {"nodeName": "'"$nodename"'","hostPID": true,"hostNetwork": true,"containers": [{"securityContext": {"privileged": true},"image": "alpine","name": "nsenter","stdin": true,"stdinOnce": true,"tty": true,"command": '$cmd', "env": [{"name": "container_id", "value": "'"$container_id"'"}]}],"tolerations": [{"operator": "Exists"}]}}'
 
kubectl -n $namespace run --image=docker.m.daocloud.io/alpine:3.15 --restart=Never --rm --overrides="$template" -it $pod

posted @ 2022-06-10 14:08 liy36 阅读(305) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

相关博文：

· 在pod中配置kubectl使用serviceaccount token 访问集群

· 根据端口获取镜像名称

· k8s基础命令

· k8s命令

· k8s 常用命令

阅读排行：
· 全程不用写代码，我用AI程序员写了一个飞机大战
· DeepSeek 开源周回顾「GitHub 热点速览」
· 记一次.NET内存居高不下排查解决与启示
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布：重大改进与新特性概览！

公告

昵称： liy36
园龄： 5年5个月
粉丝： 4
关注： 4

+加关注

2025年3月

日

一

二

三

四

五

六

liy36

获取K8s节点Shell

登录 Pod 所在节点的 Shell 脚本

公告

搜索

常用链接

我的标签

随笔分类

随笔档案

阅读排行榜

推荐排行榜

	#!/usr/bin/env bash
	#
	# author: liy
	# filename: entry_node.sh

	if [ $# -lt 1 ];then
	printf "Usage: %s <Pod> [Namespace]\n" "$0"
	printf " The pod parameter is the name of the target pod that needs to be debugged\n"
	printf " The namespace paramater is the namespace where the target pod is located\n"
	exit 1
	fi

	for cmd in jq
	do
	which $cmd &>/dev/null
	if [ $? -ne 0 ];then
	echo "$cmd command not found"
	exit
	fi
	done

	pod="$1"
	namespace="${2:-default}"
	nodename="$(kubectl get pod $pod -n $namespace -o json \| jq -r '.spec.nodeName')"
	cmd='[ "nsenter", "--target", "1", "--mount", "--uts", "--ipc", "--net", "--pid", "--", "bash"]'
	container_id="$(kubectl get pod $pod -n $namespace -o json \| jq -r '.status.containerStatuses[].containerID')"
	container_id="${container_id/containerd:\/\/}"
	pod="kube-nodeshell-$(env LC_ALL=C tr -dc a-z0-9 </dev/random \| head -c 6)"
	template='{"spec": {"nodeName": "'"$nodename"'","hostPID": true,"hostNetwork": true,"containers": [{"securityContext": {"privileged": true},"image": "alpine","name": "nsenter","stdin": true,"stdinOnce": true,"tty": true,"command": '$cmd', "env": [{"name": "container_id", "value": "'"$container_id"'"}]}],"tolerations": [{"operator": "Exists"}]}}'

	kubectl -n $namespace run --image=docker.m.daocloud.io/alpine:3.15 --restart=Never --rm --overrides="$template" -it $pod