Kubernetes3-kubectl管理Kubernetes容器平台-1
一、简介
1、什么是kubectl
kubectl前面其实已经用到了一些,它其实就是用于操作kubernetes集群的命令行接口,通过kubectl的各种命令实现各种功能
2、环境还是用上一偏文章
3、架构图
二、kubectl-创建/删除一个pod得相关操作
run 运行-在集群上运行一个pod
create 创建-使用文件或标准输入的方式创建一个pod
delete 删除 -使用文件或者标准输入以及资源名称或者标签选择器来删除某个pod
1、先导入镜像
可以提前下载好镜像解决时间
1)、上传到node1/node2
docker.io-nginx.tar
pod-ingrastucture.tar
2)、导入
[root@node1 ~]# docker load -i docker.io-nginx.tar cec7521cdf36: Loading layer [==================================================>] 58.44 MB/58.44 MB 350d50e58b6c: Loading layer [==================================================>] 53.76 MB/53.76 MB 63c39cd4a775: Loading layer [==================================================>] 3.584 kB/3.584 kB Loaded image: docker.io/nginx:latest [root@node1 ~]#
2、run命令
1)语法:
kubectl run NAME --image=[--env="key=value"][--port=port][--replicas=replicas]
如果使用自己的私库使用--image=192.168.216.52:5000/nginx:1.12
2)开始启动
kubectl run nginx --image=docker.io/nginx --replicas=1 --port=9000
[root@master ~]# kubectl run nginx --image=docker.io/nginx --replicas=1 --port=9000 deployment "nginx" created [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-2187705812-gmktb 0/1 ContainerCreating 0 6s
3)问题1、pod状态一直处于ContainerCreating
状态一直是containercreating,可能镜像有问题
[root@node4 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure Using default tag: latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
#---找不到这个文件
[root@node4 ~]# ll /etc/docker/certs.d/ total 0 drwxr-xr-x 2 root root 27 Oct 30 11:23 redhat.com drwxr-xr-x 2 root root 27 Oct 30 11:23 redhat.io drwxr-xr-x 2 root root 27 Oct 30 11:23 registry.access.redhat.com [root@node4 ~]# ll /etc/docker/certs.d/re redhat.com/ redhat.io/ registry.access.redhat.com/ [root@node4 ~]# ll /etc/docker/certs.d/re redhat.com/ redhat.io/ registry.access.redhat.com/ [root@node4 ~]# ll /etc/docker/certs.d/registry.access.redhat.com/ total 0 lrwxrwxrwx 1 root root 27 Oct 30 11:23 redhat-ca.crt -> /etc/rhsm/ca/redhat-uep.pem
#---软链接的是/etc/rhsm/ca/redhat-uep.pem,但实际没有这个文件
4)解决办法1
[root@node1 ~]# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm --2019-11-01 12:03:47-- http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm Resolving mirror.centos.org (mirror.centos.org)... 160.116.15.22, 103.232.121.196, 2401:78c0::e00e Connecting to mirror.centos.org (mirror.centos.org)|160.116.15.22|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 42188 (41K) [application/x-rpm] Saving to: ‘python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm’ 100%[==========================================================================>] 42,188 70.7KB/s in 0.6s 2019-11-01 12:03:48 (70.7 KB/s) - ‘python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm’ saved [42188/42188] [root@node1 ~]# rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem ./etc/rhsm/ca/redhat-uep.pem 17 blocks
[root@node1 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure 26e5ed6899db: Pull complete 66dbe984a319: Pull complete 9138e7863e08: Pull complete Digest: sha256:92d43c37297da3ab187fc2b9e9ebfb243c1110d446c783ae1b989088495db931 Status: Downloaded newer image for registry.access.redhat.com/rhel7/pod-infrastructure:late
5)解决办法2
运行 yum update ,这里测试上面一个方法不行,运行update恢复正常
6)在查询pod状态
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-2187705812-f9rs1 1/1 Running 0 1m [root@master ~]#
3、删除操作
kubectl delete pod 名称
kubectl delete deployment 运行指定的镜像名称
1)删除pod并不能切底删除,因为运行run命令使用了--replicas=1
[root@master ~]# kubectl delete pod nginx-2187705812-t7q3t
#只是删除了这个镜像,但是触发了replicas的保护机制,所以需要删除deployment pod "nginx-2187705812-t7q3t" deleted [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-2187705812-0vkvm 0/1 ContainerCreating 0 8s
2)删除deployment
[root@master ~]# kubectl delete deployment nginx deployment "nginx" deleted
[root@master ~]# kubectl get pod
No resources found.
三、了解yaml语法
1、YAML的设计目标就是方便人类读写,它其实是一种通用的数据串行化格式
2、yaml配置文件常见单词:
3、基本语法规则
- 大小写敏感
- 使用缩进表示层级关系
- 缩进时不允许使用tab键,只允许使用空格
- 缩进的空格数目不重要,只要相同级的元素左侧对齐即可
- #表示注释,从这个字符一直到行尾,都会被解析器忽略
- 在yaml里面,连续的项目(如:数组元素、集合元素)通过减号“-”来表示,map结构里面的键值对(key/value)用冒号“:”来分割。
4、YAML支持三种数据结构
对象:键值对的集合,又称为映射(mapping)/哈希(hashes)/字典(dictionary)
数组:一组按次序排列的值,又称序列(sequence)/列表(list)
纯量(scalars):单个的、不可再分的值
5、数据结构--对象
对象的一组键值对,使用冒号结构表示
1:a
yaml也允许另一种写法,将所有键值对写成一个行内对象
hash:
name:1
foo:bar
或hash:{name:1,foo:bar}
6、数组
一组连词线开头的行,构成一个数组
-Cat
-Dog
-Goldfish
转为JavaScript如下
[['Cat','Dog','Goldfish']]
数组也可以采用行内表示法
animal:[Cat,Dog]
转为javaScript如下
{animal:['Cat','Dog']}
7、复合结构
对象和数组可以结合使用,形成复合结构
格式如下:
对象 :
对象:
对象:键值
对象:
- 数组
- 数组
例:BAT
vim bat.yaml bat: website: baidu: http://www.baidu.com qq: http://www.qq.com ali: - http://www.taobao.com - http://www.tmall.com ceo: yanhongli: 李彦宏 huatengma: 马化腾 yunma: 马云
8、纯量
纯量是最基本的、不可拆分的值。如:字符串、布尔值、整数、浮点数、Null、时间、日期等
例子
number:12.30
四、kuberctl create 加载yaml文件生产deployment
使用kubectl run在设定复杂需求时,需要非常长的一条语句,比较容易出错,无法保存等缺点,所以在更多场景下都会使用yaml或者json文件
1、生成mysql-deployment.yaml文件:
这里已经自行下载mysql镜像,没有镜像的小伙伴可以自行下载
docker导入镜像
[root@node1 ~]# docker load -i docker.io-mysql-mysql-server.tar [root@node2 ~]# docker load -i docker.io-mysql-mysql-server.tar
vim mysql-deployment.yaml
这个文件可以自行创建
[root@master ~]# vim mysql-deployment.yaml kind: Deployment
#---使用Deploment创建一个pod,旧版本k8s可使用kind:ReplicationController apiVersion: extensions/v1beta1
#---api版本 metadata: name: mysql
#---deployment名称,全局唯一 spec: replicas: 1
#---pod副本数量为1
template: metadata: labels:
#---符合目标的pod拥有此标签,默认和name值一样 name: mysql
#定义pod的名称时mysql spec: containers:
#pod中容器的定义部分 - name: mysql #容器的名称时mysql
image: docker.io/mysql/mysql-server
#容器对应的docker image镜像 imagePullPolicy: IfNotPresent
#默认值为:imagePullPolicy:Always一直从外网,IfNotPresent如果本地又镜像优先本地镜像,加快启动速度
ports:
- containerPort: 3306
protocol: TCP
#---暴露的端口和协议
env:
#---注入到容器的环境变量,这里设置root密码
- name: MYSQL_ROOT_PASSWORD
value: "111111"
2、xxx-deployment.yaml的文件结构
通过上面配置文件可知:
Deployment 的定义
pod的定义
容器的定义
3、创建mysql资源
kubectl create -f mysql-deployment.yaml
[root@master ~]# kubectl create -f mysql-deployment.yaml deployment "mysql" created [root@master ~]# [root@master ~]# [root@master ~]# [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 14s nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]#
另外可以多个yaml文件同时创建,只需要放在同一目录创建的时候使用目录即可
kubectl create -f yamls/
五、使用get参数查看pod/deployment详情
1、kubectl get pod #---查看pod状态等信息
2、kubectl get deployment #---查看deployment状态
3、kubectl get pod -o wide #--查看在哪台节点及此pod集群ip是多少
4、例子
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 14s nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]# kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE mysql 1 1 1 1 3m nginx 1 1 1 1 1d [root@master ~]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE mysql-1971774246-2f905 1/1 Running 0 3m 10.255.36.2 node2 nginx-2187705812-f9rs1 1/1 Running 0 1d 10.255.41.2 node1 [root@master ~]# ping 10.255.36.2 PING 10.255.36.2 (10.255.36.2) 56(84) bytes of data. 64 bytes from 10.255.36.2: icmp_seq=1 ttl=61 time=1.81 ms 64 bytes from 10.255.36.2: icmp_seq=2 ttl=61 time=1.88 ms ^C --- 10.255.36.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 1.812/1.848/1.884/0.036 ms [root@master ~]# ping 10.255.41.2 PING 10.255.41.2 (10.255.41.2) 56(84) bytes of data. 64 bytes from 10.255.41.2: icmp_seq=1 ttl=61 time=2.76 ms 64 bytes from 10.255.41.2: icmp_seq=2 ttl=61 time=0.899 ms ^C --- 10.255.41.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 0.899/1.832/2.765/0.933 ms [root@master ~]#
注意:master可以ping通pod的ip地址,因为此地址是flannel定义的网段,master、node、pod、docker、container它们之间都是使用flannel分配的地址,flannel隧道把物理上分开的主机和容器,链接在一个局域网中
5、get命令能够确认的信息类别:
deployments(缩写deploy)
events(缩写 ev)
namespaces(缩写 ns)
nodes(缩写 no)
pods(缩写 po)
replicasets(缩写 rs)
replicationcontrollers(缩写 rc)
services(缩写 svc)
详细可以查看:Find more information at ⟨https://github.com/kubernetes/kubernetes⟩.
六、describe查看k8s中详细信息
这个命令上一章节也使用过,主要是排错的时候
1、kubectl describe pod pod 名字
pod详情
2、kubectl describe node node 名字
node详情
3、kubectl describe deployment deployment 名字
deployment详情
4、例子
[root@master ~]# kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE mysql 1 1 1 1 16m nginx 1 1 1 1 1d [root@master ~]# kubectl describe deployment mysql Name: mysql Namespace: default CreationTimestamp: Mon, 04 Nov 2019 03:10:28 +0800 Labels: name=mysql Selector: name=mysql Replicas: 1 updated | 1 total | 1 available | 0 unavailable StrategyType: RollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 1 max unavailable, 1 max surge Conditions: Type Status Reason ---- ------ ------ Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: mysql-1971774246 (1/1 replicas created) Events: FirstSeen LastSeen Count From SubObjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 17m 17m 1 {deployment-controller } Normal ScalingReplicaSet Scaled up replica set mysql-1971774246 to 1 [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 17m nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]# kubectl describe pod mysql-1971774246-2f905 Name: mysql-1971774246-2f905 Namespace: default Node: node2/192.168.216.54 Start Time: Wed, 06 Nov 2019 17:11:41 +0800 Labels: name=mysql pod-template-hash=1971774246 Status: Running IP: 10.255.36.2 Controllers: ReplicaSet/mysql-1971774246 Containers: mysql: Container ID: docker://3f8834c600388a131ac91d54171e124454eace58f1d30a999c30ac42b1726767 Image: docker.io/mysql/mysql-server Image ID: docker://sha256:a3ee341faefb76c6c4c6f2a4c37c513466f5aae891ca2f3cb70fd305b822f8de Port: 3306/TCP State: Running Started: Wed, 06 Nov 2019 17:11:43 +0800 Ready: True Restart Count: 0 Volume Mounts: <none> Environment Variables: MYSQL_ROOT_PASSWORD: 111111 Conditions: Type Status Initialized True Ready True PodScheduled True No volumes. QoS Class: BestEffort Tolerations: <none> Events: FirstSeen LastSeen Count From SubObjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 17m 17m 1 {default-scheduler } Normal Scheduled Successfully assigned mysql-1971774246-2f905 to node2 <invalid> <invalid> 2 {kubelet node2} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy. <invalid> <invalid> 1 {kubelet node2} spec.containers{mysql} Normal Pulled Container image "docker.io/mysql/mysql-server" already present on machine <invalid> <invalid> 1 {kubelet node2} spec.containers{mysql} Normal Created Created container with docker id 3f8834c60038; Security:[seccomp=unconfined] <invalid> <invalid> 1 {kubelet node2} spec.containers{mysql} Normal Started Started container with docker id 3f8834c60038 [root@master ~]#
七、其他常用命令及参数
1、命令说明
logs:取得pod中容器的log信息
exec:在pod中执行一条命令
cp:从容器考出或向容器考入文件
attach:到一个运行中的容器上,实时查看容器消息
2、kubectl logs
使用此条命令取出pod中镜像的log,也可以用于故障排错的重要信息
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 35m nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]# kubectl logs mysql-1971774246-2f905 [Entrypoint] MySQL Docker Image 5.7.20-1.1.2 [Entrypoint] Initializing database [Entrypoint] Database initialized Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it. [Entrypoint] ignoring /docker-entrypoint-initdb.d/* [Entrypoint] Server shut down [Entrypoint] MySQL init process done. Ready for start up. [Entrypoint] Starting MySQL 5.7.20-1.1.2 [root@master ~]#
3、kubectl exec
exec主要用于pod中执行命令,比如到mysql的镜像中执行 ls
kubectl exec mysql-1971774246-2f905 ls
[root@master ~]# kubectl exec mysql-1971774246-2f905 ls bin boot dev docker-entrypoint-initdb.d entrypoint.sh etc healthcheck.cnf healthcheck.sh home lib lib64 media mnt mysql-init-complete opt proc root run sbin srv sys tmp usr var
直接登陆到pod里面的镜像
kubectl exec -it mysql-1971774246-2f905 bash
[root@master ~]# kubectl exec -it mysql-1971774246-2f905 bash bash-4.2# ls bin docker-entrypoint-initdb.d healthcheck.cnf lib mnt proc sbin tmp boot entrypoint.sh healthcheck.sh lib64 mysql-init-complete root srv usr dev etc home media opt run sys var bash-4.2#
4、kubectl cp
比如从容器中考出hosts文件到物理机/tmp下
kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts
error: unexpected EOF
报错通过帮助命令查看,原来需要在pod中先安装tar库如下:
kubectl cp --help
[root@master tmp]# kubectl cp --help Copy files and directories to and from containers. Examples: # !!!Important Note!!! # Requires that the 'tar' binary is present in your container # image. If 'tar' is not present, 'kubectl cp' will fail. # Copy /tmp/foo_dir local directory to /tmp/bar_dir in a remote pod in the default namespace kubectl cp /tmp/foo_dir <some-pod>:/tmp/bar_dir # Copy /tmp/foo local file to /tmp/bar in a remote pod in a specific container kubectl cp /tmp/foo <some-pod>:/tmp/bar -c <specific-container> # Copy /tmp/foo local file to /tmp/bar in a remote pod in namespace <some-namespace> kubectl cp /tmp/foo <some-namespace>/<some-pod>:/tmp/bar # Copy /tmp/foo from a remote pod to /tmp/bar locally kubectl cp <some-namespace>/<some-pod>:/tmp/foo /tmp/bar Options: -c, --container='': Container name. If omitted, the first container in the pod will be chosen Usage: kubectl cp <file-spec-src> <file-spec-dest> [options] Use "kubectl options" for a list of global command-line options (applies to all commands). [root@master tmp]#
看到# Requires that the 'tar' binary is present in your container
进入pod安装tar
kubectl exec -it mysql-1971774246-2f905 bash
yum install tar -y
exit
执行cp命令
kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts
[root@master ~]# kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts error: unexpected EOF [root@master ~]# kubectl exec -it mysql-1971774246-2f905 bash bash-4.2# yum install tar -y Loaded plugins: ovl ol7_UEKR4 | 2.5 kB 00:00 ol7_latest | 2.7 kB 00:00 (1/5): ol7_UEKR4/x86_64/updateinfo | 79 kB 00:04 (2/5): ol7_latest/x86_64/group | 810 kB 00:04 (3/5): ol7_UEKR4/x86_64/primary_db | 4.0 MB 00:06 (4/5): ol7_latest/x86_64/updateinfo | 2.6 MB 00:05 (5/5): ol7_latest/x86_64/primary_db | 22 MB 00:09 Resolving Dependencies --> Running transaction check ---> Package tar.x86_64 2:1.26-35.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: tar x86_64 2:1.26-35.el7 ol7_latest 845 k Transaction Summary ================================================================================ Install 1 Package Total download size: 845 k Installed size: 2.7 M Downloading packages: tar-1.26-35.el7.x86_64.rpm | 845 kB 00:02 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : 2:tar-1.26-35.el7.x86_64 1/1 Verifying : 2:tar-1.26-35.el7.x86_64 1/1 Installed: tar.x86_64 2:1.26-35.el7 Complete! bash-4.2# exit exit [root@master ~]# kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts tar: Removing leading `/' from member names [root@master ~]# kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts tar: Removing leading `/' from member names [root@master ~]# cd /tmp [root@master tmp]# ll total 1168 -rw-r--r-- 1 root root 218 Nov 4 03:58 hosts srwx------ 1 mongod mongod 0 Oct 29 15:57 mongodb-27017.sock
5、kubectl attach
主要用于取得pod中容器的实时信息,可以持续不断实时取出消息,类似tail -f /var/log/messages动态查看日志的作用
kubectl attach mysql-1971774246-2f905
[root@master tmp]# kubectl attach mysql-1971774246-2f905 If you don't see a command prompt, try pressing enter. [Entrypoint] MySQL Docker Image 5.7.20-1.1.2 [Entrypoint] Initializing database [Entrypoint] Database initialized Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it. [Entrypoint] ignoring /docker-entrypoint-initdb.d/* [Entrypoint] Server shut down [Entrypoint] MySQL init process done. Ready for start up. [Entrypoint] Starting MySQL 5.7.20-1.1.2
参考:mk老师讲的kubernetes内容
转载请注明出处:https://www.cnblogs.com/zhangxingeng/p/11764655.html
kuberneste系列文章:
