kubectl详解
kubectl是目前管理k8s集群的最强利器.所有对集群的控制和管理都可以通个kubectl进行.
通过kubectl --help查看帮助信息。
更多信息请访问: https://kubernetes.io/docs/reference/kubectl/overview/
基本命令(初级): create 创建一个新的资源从一个文件或者stdin expose 获取replication controller,service,deployment和pod,并将其作为一个新的服务. run 在集群内运行特定镜像. set 在对象上设置特定功能 run-container 在集群上运行特定镜像,已被run替代 基本命令(中级): get 现实一个或多个资源 explain 资源文档 edit 编辑服务器上的资源 delete 按照文件名称,标准输入,资源和名称来刪除资源,还可以通过资源和标签选择器 部署命令: rollout 管理资源的部署 rolling-update 执行给定的ReplicationController的滚动更新 scale 为Deployment,ReplicaSet,Replication等控制器设置一个新的大小或者任务 autoscale 自动扩展 Deployment, ReplicaSet, 或 ReplicationController 集群管理命令: certificate 修改证书资源 cluster-info 显示集群信息 top 显示资源 (CPU/Memory/Storage)使用情况 cordon 将节点标记为不可调度 uncordon 将节点标记为可调度 drain 节点准备维护 taint 更新一个或多个节点上的错误 故障排除与调试命令: describe 显示特定资源或资源组的详细信息 logs 打印pod中容器的日志 attach 进入正在运行的容器 exec 在容器中执行命令 port-forward 将一个或多个本地端口转发到pod proxy 运行代理到kubernetes的API Server cp 从容器中复制一个文件或者目录 auth 检查授权 高级命令: apply 通过filename或stdin将配置应用到资源 patch 更新资源的字段,通过策略合并 replace 用filename或stdin替换资源 convert 在不同的API版本之间转换配置文件 配置命令: label 为资源更新标签 annotate 为资源更新注释 completion 输出指定shell的shell代码(bash or zsh) 其它命令: api-versions 输出服务器支持的API版本 config 修改kubeconfig配置文件 help 查看帮助信息 plugin 运行命令行插件 version 打印客户端和服务端的版本信息
当然也可以通过 kubectl config --help类似命令查看子命令:
修改kubeconfig文件中的数据. The loading order follows these rules: 1. If the --kubeconfig flag is set, then only that file is loaded. The flag may only be set once and no merging takes place. 2. If $KUBECONFIG environment variable is set, then it is used a list of paths (normal path delimitting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list. 3. Otherwise, ${HOME}/.kube/config is used and no merging takes place. 可用命令: current-context 显示当前contexts delete-cluster 从kubeconfig中刪除指定的集群 delete-context 从kubeconfig中刪除指定的上下文 get-clusters 显示kubeconfig中定义的集群 get-contexts 描述一个或多个contexts rename-context 在kubeconfig中给一个context改名 set 在kubeconfig中设置单个值 set-cluster 在kubeconfig中设置一个集群 set-context 在kubeconfig中设置一个context set-credentials 在kubeconfig中设置一个用户 unset 取消设置 use-context 在kubeconfig中设置current-context view 显示合并后的kubeconfig设置或指定kubeconfig文件
kubectl的命令可以分为三类:
1.集群访问配置:kubectl config
配置kubectl管理的kubernetes集群的配置信息,与Linux中的命令行不同的是,命令行的设置直接操控文件.
(1)kubectl config view:查看当前节点的kubeconfig配置信息.
kubernetes可以有多个集群,一个集群又可以配置无数过service,多层级有利于梳理计算机资源。
打印文件的内容,密钥数据省略.
root@VM-16-6-ubuntu:~# cat /etc/kubernetes/admin.conf apiVersion: v1 clusters: - cluster: certificate-authority-data: ... server: https://148.70.251.10:6443 name: kubernetes contexts: - context: cluster: kubernetes user: kubernetes-admin name: kubernetes-admin@kubernetes current-context: kubernetes-admin@kubernetes kind: Config preferences: {} users: - name: kubernetes-admin user: client-certificate-data: ... client-key-data: ...
通过kubectl config view可以查看的相同的信息.
root@VM-16-6-ubuntu:~# kubectl config view apiVersion: v1 clusters: - cluster: certificate-authority-data: REDACTED server: https://148.70.251.10:6443 name: kubernetes contexts: - context: cluster: kubernetes user: kubernetes-admin name: kubernetes-admin@kubernetes current-context: kubernetes-admin@kubernetes kind: Config preferences: {} users: - name: kubernetes-admin user: client-certificate-data: REDACTED client-key-data: REDACTED
(2)kubectl config set-cluster:添加集群
root@VM-16-6-ubuntu:~# kubectl config set-cluster k8s1 --server=https://1.2.3.4 Cluster "k8s1" set.
查看配置文件:
root@VM-16-6-ubuntu:~# head -5 /etc/kubernetes/admin.conf apiVersion: v1 clusters: - cluster: server: https://1.2.3.4 name: k8s1
确认已经写入了配置文件.
root@VM-16-6-ubuntu:~# kubectl config view apiVersion: v1 clusters: - cluster: server: https://1.2.3.4 name: k8s1 - cluster: certificate-authority-data: REDACTED server: https://148.70.251.10:6443 name: kubernetes contexts: - context: cluster: kubernetes user: kubernetes-admin name: kubernetes-admin@kubernetes current-context: kubernetes-admin@kubernetes kind: Config preferences: {} users: - name: kubernetes-admin user: client-certificate-data: REDACTED client-key-data: REDACTED
(3)kubectl config get-clusters:查看kubeconfig中所有的cluster
root@VM-16-6-ubuntu:~# kubectl config get-clusters NAME k8s1 kubernetes
(4)kubectl config delete-cluster:刪除某个cluster
root@VM-16-6-ubuntu:~# kubectl config delete-cluster k8s1 deleted cluster k8s1 from /etc/kubernetes/admin.conf root@VM-16-6-ubuntu:~# kubectl config get-clusters NAME kubernetes
(5)kubectl config get-context:获取所有的context
kubernetes中context类似“用户”的意思,这是多租户使用的的前提。
root@VM-16-6-ubuntu:~# kubectl config current-context kubernetes-admin@kubernetes
(6)kubectl config set-context:添加一个context
root@VM-16-6-ubuntu:~# kubectl config set-context admin1@k8s1 --user=admin1 Context "admin1@k8s1" created. root@VM-16-6-ubuntu:~# kubectl config get-contexts CURRENT NAME CLUSTER AUTHINFO NAMESPACE admin1@k8s1 admin1 * kubernetes-admin@kubernetes kubernetes kubernetes-admin
(7)kubectl config delete-context:刪除一个context
root@VM-16-6-ubuntu:~# kubectl config delete-context admin1@k8s1 deleted context admin1@k8s1 from /etc/kubernetes/admin.conf root@VM-16-6-ubuntu:~# kubectl config get-contexts CURRENT NAME CLUSTER AUTHINFO NAMESPACE * kubernetes-admin@kubernetes kubernetes kubernetes-admin
(8)kubectl config current-context:查看当前所使用的context
root@VM-16-6-ubuntu:~# kubectl config current-context kubernetes-admin@kubernetes
(9)kubectl config use-context:切换context
root@VM-16-6-ubuntu:~# kubectl config set-context admin1@k8s1 --user=admin1 Context "admin1@k8s1" created. root@VM-16-6-ubuntu:~# kubectl config use-context admin1@k8s1 Switched to context "admin1@k8s1". root@VM-16-6-ubuntu:~# kubectl config current-context admin1@k8s1
(10)kubectl config set-credentials:添加一个用户
root@VM-16-6-ubuntu:~# kubectl config set-credentials admin1 --username=admin1 --password=abcd User "admin1" set.
在kubeconfig中可以看到如下信息:
users: - name: admin1 user: password: abcd username: admin1
2.集群控制:kubectl create/apply/delete/label/edit/expose/scale
(1)kubectl create:创建pod
编写配置文件:
apiVersion: apps/v1 kind: Deployment metadata: name: deployment-example spec: replicas: 2 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:1.10
集群创建以及查看:
root@VM-16-6-ubuntu:~/test# kubectl create -f nginx-deployment.yaml deployment.apps "deployment-example" created root@VM-16-6-ubuntu:~/test# kubectl get pods NAME READY STATUS RESTARTS AGE deployment-example-9956dd665-prkn9 0/1 ContainerCreating 0 44s deployment-example-9956dd665-wwbvr 0/1 ContainerCreating 0 44s root@VM-16-6-ubuntu:~/test# kubectl get pods NAME READY STATUS RESTARTS AGE deployment-example-9956dd665-prkn9 1/1 Running 0 4m deployment-example-9956dd665-wwbvr 1/1 Running 0 4m #显示标签信息: root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-prkn9 1/1 Running 0 13m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 13m app=nginx,pod-template-hash=551288221
(2)给pod打标签
root@VM-16-6-ubuntu:~/test# kubectl label pods/deployment-example-9956dd665-wwbvr status=healthy pod "deployment-example-9956dd665-wwbvr" labeled root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-prkn9 1/1 Running 0 14m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 14m app=nginx,pod-template-hash=551288221,status=healthy
(3)编辑pod的配置文件
root@VM-16-6-ubuntu:~/test# kubectl edit deployment/deployment-example deployment.extensions "deployment-example" edited
这个文件属于临时文件,现在将pod中的容器数量replicas变更为4。
查看pods信息:
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-jpbvw 1/1 Running 0 10s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-pmng2 1/1 Running 0 10s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-prkn9 1/1 Running 0 17m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 17m app=nginx,pod-template-hash=551288221,status=healthy
(4)使用kubectl scale也可以操作pod的yaml文件配置
直接修改配置文件的内容,而不需要打开文件。
root@VM-16-6-ubuntu:~/test# kubectl scale --replicas=10 deployment/deployment-example deployment.extensions "deployment-example" scaled root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-246zt 1/1 Running 0 8s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-424r4 1/1 Running 0 8s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-jpbvw 1/1 Running 0 14m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-pdcff 1/1 Running 0 8s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-pmng2 1/1 Running 0 14m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-prkn9 1/1 Running 0 32m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-rwq8t 1/1 Running 0 8s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-tnk99 1/1 Running 0 8s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-vsbqk 1/1 Running 0 8s app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 32m app=nginx,pod-template-hash=551288221,status=healthy
(5)通过kubectl apply恢复原始配置
root@VM-16-6-ubuntu:~/test# kubectl apply -f nginx-deployment.yaml Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply deployment.apps "deployment-example" configured root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-246zt 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-424r4 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-jpbvw 0/1 Terminating 0 17m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-pdcff 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-pmng2 0/1 Terminating 0 17m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-prkn9 1/1 Running 0 35m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-rwq8t 1/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-vsbqk 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 35m app=nginx,pod-template-hash=551288221,status=healthy root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-246zt 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-jpbvw 0/1 Terminating 0 17m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-pdcff 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-prkn9 1/1 Running 0 35m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-rwq8t 0/1 Terminating 0 3m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 35m app=nginx,pod-template-hash=551288221,status=healthy root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-prkn9 1/1 Running 0 35m app=nginx,pod-template-hash=551288221 deployment-example-9956dd665-wwbvr 1/1 Running 0 35m app=nginx,pod-template-hash=551288221,status=healthy
(6)通过kubectl delete删除pod
root@VM-16-6-ubuntu:~/test# kubectl delete -f nginx-deployment.yaml deployment.apps "deployment-example" deleted root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels NAME READY STATUS RESTARTS AGE LABELS deployment-example-9956dd665-prkn9 0/1 Terminating 0 37m app=nginx,pod-template-hash=551288221 root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels No resources found.
3.集群查看和问题调试:kubectl get/describe/logs/exec/attach
(1)kubectl get:获取对象的信息,可以是pod、node等
root@VM-16-6-ubuntu:~/test# kubectl get pods NAME READY STATUS RESTARTS AGE deployment-example-9956dd665-2ksc4 1/1 Running 0 10m deployment-example-9956dd665-rdwwc 1/1 Running 0 10m root@VM-16-6-ubuntu:~/test# kubectl get nodes NAME STATUS ROLES AGE VERSION vm-0-3-ubuntu Ready <none> 2d v1.10.2 vm-16-6-ubuntu Ready master 2d v1.10.2 vm-16-8-ubuntu Ready <none> 2d v1.10.2
(2)kubeadm descrbe:查看特定资源或资源组的描述信息
root@VM-16-6-ubuntu:~/test# kubectl describe pods/deployment-example-9956dd665-rdwwc Name: deployment-example-9956dd665-rdwwc Namespace: default Node: vm-16-8-ubuntu/172.27.16.8 Start Time: Fri, 21 Jun 2019 22:32:45 +0800 Labels: app=nginx pod-template-hash=551288221 Annotations: <none> Status: Running IP: 192.168.20.1 Controlled By: ReplicaSet/deployment-example-9956dd665 Containers: nginx: Container ID: docker://dd4f3ca81bbc5e6dc56f33d3c3bdb1700212e65a6024956e2bf45fc81614ee42 Image: nginx:1.10 Image ID: docker-pullable://nginx@sha256:6202beb06ea61f44179e02ca965e8e13b961d12640101fca213efbfd145d7575 Port: <none> Host Port: <none> State: Running Started: Fri, 21 Jun 2019 22:32:46 +0800 Ready: True Restart Count: 0 Environment: <none> Mounts: /var/run/secrets/kubernetes.io/serviceaccount from default-token-44qwv (ro) Conditions: Type Status Initialized True Ready True PodScheduled True Volumes: default-token-44qwv: Type: Secret (a volume populated by a Secret) SecretName: default-token-44qwv Optional: false QoS Class: BestEffort Node-Selectors: <none> Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s node.kubernetes.io/unreachable:NoExecute for 300s Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 50s default-scheduler Successfully assigned deployment-example-9956dd665-rdwwc to vm-16-8-ubuntu Normal SuccessfulMountVolume 50s kubelet, vm-16-8-ubuntu MountVolume.SetUp succeeded for volume "default-token-44qwv" Normal Pulled 49s kubelet, vm-16-8-ubuntu Container image "nginx:1.10" already present on machine Normal Created 49s kubelet, vm-16-8-ubuntu Created container Normal Started 49s kubelet, vm-16-8-ubuntu Started container
(3)kubeadm exec在容器内执行命令
root@VM-16-6-ubuntu:~/test# kubectl exec deployment-example-9956dd665-rdwwc -- cat /etc/nginx/nginx.conf user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; include /etc/nginx/conf.d/*.conf; }
(4)kubectl logs查看容器的日志输出
root@VM-16-6-ubuntu:~/test# kubectl logs pods/deployment-example-9956dd665-rdwwc
使用-f参数可以查看实时日志输出。
(5)kubectl attach进入到容器内部
root@VM-16-6-ubuntu:~/test# kubectl attach deployment-example-9956dd665-rdwwc
