kubectl管理
Kubectl是管理k8s集羣的命令行工具,通過生成的json格式傳遞給apiserver進行創建、查看、管理的操作
注意:此處需要用到我們之前部署的K8s多節點的部署環境,如果還未部署的可以參考我的上篇文章:https://blog.csdn.net/JarryZho/article/details/104212822
常用命令行:
`查看幫助命令`
[root@master1 ~]# kubectl --help
kubectl controls the Kubernetes cluster manager.
Find more information at: https://kubernetes.io/docs/reference/kubectl/overview/
Basic Commands (Beginner):
create Create a resource from a file or from stdin.
expose 使用 replication controller, service, deployment 或者 pod 並暴露它作爲一個 新的
Kubernetes Service
run 在集羣中運行一個指定的鏡像
set 爲 objects 設置一個指定的特徵
Basic Commands (Intermediate):
explain 查看資源的文檔
get 顯示一個或更多 resources
edit 在服務器上編輯一個資源
delete Delete resources by filenames, stdin, resources and names, or by resources and label selector
Deploy Commands:
rollout Manage the rollout of a resource
scale 爲 Deployment, ReplicaSet, Replication Controller 或者 Job 設置一個新的副本數量
autoscale 自動調整一個 Deployment, ReplicaSet, 或者 ReplicationController 的副本數量
Cluster Management Commands:
certificate 修改 certificate 資源.
cluster-info 顯示集羣信息
top Display Resource (CPU/Memory/Storage) usage.
cordon 標記 node 爲 unschedulable
uncordon 標記 node 爲 schedulable
drain Drain node in preparation for maintenance
taint 更新一個或者多個 node 上的 taints
Troubleshooting and Debugging Commands:
describe 顯示一個指定 resource 或者 group 的 resources 詳情
logs 輸出容器在 pod 中的日誌
attach Attach 到一個運行中的 container
exec 在一個 container 中執行一個命令
port-forward Forward one or more local ports to a pod
proxy 運行一個 proxy 到 Kubernetes API server
cp 複製 files 和 directories 到 containers 和從容器中複製 files 和 directories.
auth Inspect authorization
Advanced Commands:
apply 通過文件名或標準輸入流(stdin)對資源進行配置
patch 使用 strategic merge patch 更新一個資源的 field(s)
replace 通過 filename 或者 stdin替換一個資源
wait Experimental: Wait for a specific condition on one or many resources.
convert 在不同的 API versions 轉換配置文件
Settings Commands:
label 更新在這個資源上的 labels
annotate 更新一個資源的註解
completion Output shell completion code for the specified shell (bash or zsh)
Other Commands:
alpha Commands for features in alpha
api-resources Print the supported API resources on the server
api-versions Print the supported API versions on the server, in the form of "group/version"
config 修改 kubeconfig 文件
plugin Provides utilities for interacting with plugins.
version 輸出 client 和 server 的版本信息接下來我們以項目的形式講其中的命令
其步驟如下:創建一>發佈一>更新一>回滾一>刪除
1.創建nginx
#語法:kubectl run NAME --image=image [--env="key=value"參數] [--port=port端口] [--replicas=replicas副本集] [--dry-run=bool狀態] [--overrides=inline-json] [--command命令] -- [COMMAND] [args...] [options]`
`示例:`
[root@master1 k8s]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx-deployment created
[root@master1 k8s]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-dbddb74b8-7hdfj 1/1 Running 0 4d18h
`nginx-deployment-5477945587-2dljt 1/1 Running 0 68s`
`nginx-deployment-5477945587-tt8vx 1/1 Running 0 68s`
`nginx-deployment-5477945587-wsb69 1/1 Running 0 68s`
#最後三個就是我們新創建的副本集2.發佈nginx service提供負載均衡的功能
#語法:kubectl expose (-f FILENAME | TYPE NAME) [--port=port羣集之間內部通信的端口] [--protocol=TCP|UDP|SCTP] [--target-port對外暴露的端口=number-or-name] [--name=name指定名稱] [--external-ip=external-ip-of-service] [--type=type指定類型] [options]
`示例:`
[root@master1 k8s]# kubectl expose deployment nginx-deployment --port=80 --target-port=80 --name=nginx-deployment-service --type=NodePort
service/nginx-deployment-service exposed
`查看發佈`
[root@master1 k8s]# kubectl get pods,svc #此處svc位service服務組件的縮寫
NAME READY STATUS RESTARTS AGE
pod/nginx-dbddb74b8-7hdfj 1/1 Running 0 4d19h
pod/nginx-deployment-5477945587-2dljt 1/1 Running 0 13m
pod/nginx-deployment-5477945587-tt8vx 1/1 Running 0 13m
pod/nginx-deployment-5477945587-wsb69 1/1 Running 0 13m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 6d19h
service/nginx-service NodePort 10.0.0.242 <none> 80:40422/TCP 111s
#此時對外暴露的端口爲40422
`查看資源對象簡寫`
[root@master1 k8s]# kubectl api-resources
NAME SHORTNAMES APIGROUP NAMESPACED
componentstatuses cs false
configmaps cm true
endpoints ep true
events ev true
limitranges limits true
namespaces ns false
nodes no false
persistentvolumeclaims pvc true
persistentvolumes pv false
pods po true
replicationcontrollers rc true
resourcequotas quota true
serviceaccounts sa true
services svc true
customresourcedefinitions crd,crds apiextensions.k8s.io false
daemonsets ds apps true
deployments deploy apps true
replicasets rs apps true
statefulsets sts apps true
horizontalpodautoscalers hpa autoscaling true
cronjobs cj batch true
certificatesigningrequests csr certificates.k8s.io false
events ev events.k8s.io true
daemonsets ds extensions true
deployments deploy extensions true
ingresses ing extensions true
networkpolicies netpol extensions true
podsecuritypolicies psp extensions false
replicasets rs extensions true
networkpolicies netpol networking.k8s.io true
poddisruptionbudgets pdb policy true
podsecuritypolicies psp policy false
priorityclasses pc scheduling.k8s.io false
storageclasses sc storage.k8s.io false
`查看關聯後端的節點`
[root@master1 k8s]# kubectl get endpoints
NAME ENDPOINTS AGE
kubernetes 192.168.18.128:6443,192.168.18.132:6443 7d4h
nginx-deployment-service 172.17.32.4:80,172.17.40.2:80,172.17.40.3:80 17s
`網絡狀態詳細信息`
[root@master1 ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE
nginx-dbddb74b8-7hdfj 1/1 Running 0 5d5h 172.17.32.2 192.168.18.148 <none>
nginx-deployment-5477945587-2dljt 1/1 Running 0 10h 172.17.40.3 192.168.18.145 <none>
nginx-deployment-5477945587-tt8vx 1/1 Running 0 10h 172.17.40.2 192.168.18.145 <none>
nginx-deployment-5477945587-wsb69 1/1 Running 0 10h 172.17.32.4 192.168.18.148 <none>
`服務暴露的端口`
[root@master1 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d5h
nginx-deployment-service NodePort 10.0.0.50 <none> 80:48330/TCP 70m
`在node1操作,查看負載均衡端口48330`
`k8s裏kube-proxy支持三種模式,在v1.8之前我們使用的是iptables以及userspace兩種模式,在k8s1.8之後引入了ipvs模式`
[root@node1 ~]# yum install ipvsadm -y
[root@node1 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.18.148:48330 rr
-> 172.17.32.4:80 Masq 1 0 0
-> 172.17.40.2:80 Masq 1 0 0
-> 172.17.40.3:80 Masq 1 0 0
#對外提供端口48330,調度算法爲rr輪詢
`在node2操作 同樣安裝ipvsadmin工具查看`
[root@node2 ~]# yum install ipvsadm -y
[root@node2 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.18.145:48330 rr
-> 172.17.32.4:80 Masq 1 0 0
-> 172.17.40.2:80 Masq 1 0 0
-> 172.17.40.3:80 Masq 1 0 0我們現在宿主機中使用瀏覽器訪問192.168.18.148:48330和192.168.18.145:48330都可以訪問到nginx的主頁,然後再查看日誌
`在master1操作查看訪問日誌(注意:如果訪問其他node無法訪問檢查proxy組件)`
[root@master1 ~]# kubectl get pods #此時會有三個副本集
NAME READY STATUS RESTARTS AGE
nginx-dbddb74b8-7hdfj 1/1 Running 0 5d5h
nginx-deployment-5477945587-2dljt 1/1 Running 0 10h
nginx-deployment-5477945587-tt8vx 1/1 Running 0 10h
nginx-deployment-5477945587-wsb69 1/1 Running 0 10h
`此時回頭查看訪問日誌:`
[root@master1 ~]# kubectl logs nginx-deployment-5477945587-2dljt
172.17.40.1 - - [12/Feb/2020:11:44:46 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"
172.17.40.1 - - [12/Feb/2020:11:44:46 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://192.168.18.145:48330/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"
[root@master1 ~]# kubectl logs nginx-deployment-5477945587-tt8vx
[root@master1 ~]# kubectl logs nginx-deployment-5477945587-wsb69
172.17.32.1 - - [12/Feb/2020:11:47:07 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"
172.17.32.1 - - [12/Feb/2020:11:47:07 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://192.168.18.148:48330/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"
#此時nginx-deployment-5477945587-wsb69和nginx-deployment-5477945587-2dljt分別被訪問了nginx的主頁,說明業務已經成功發佈,而且對方用的是輪詢的方式訪問多個Pod資源3.更新nginx 爲1.14版本
查看nginx版本步驟:F12打開開發者選項--》F5刷新訪問---》找到network---》點擊name---》找到headers頭部信息
[root@master1 ~]# kubectl set image deployment/nginx-deployment nginx-deployment=nginx:1.14
deployment.extensions/nginx-deployment image updated
`處於動態監聽狀態,此時可以查看監控狀態`
[root@master1 ~]# kubectl get pods -w
NAME READY STATUS RESTARTS AGE
nginx-6c94d899fd-8pf48 1/1 Running 0 3m54s
nginx-deployment-5477945587-2dljt 1/1 Running 0 10h
nginx-deployment-5477945587-tt8vx 1/1 Running 0 10h
nginx-deployment-5477945587-wsb69 1/1 Running 0 10h
nginx-deployment-8f66bcd89-jncdr 0/1 ContainerCreating 0 7s
#此時哦我們可以按Ctrl+c中斷監聽,這樣更新速度快驗證:我們再次重載宿主機中的nginx主頁,此時在開發者選項中看到的頭部信息裏nginx的版本更新爲了1.14.2
4.回滾nginx
`查看歷史版本`
[root@master1 ~]# kubectl rollout history deployment/nginx-deployment
deployment.extensions/nginx-deployment
REVISION CHANGE-CAUSE
1 <none> #1.17版本
2 <none> #1.14版本
`執行回滾到上一次`
[root@master1 ~]# kubectl rollout undo deployment/nginx-deployment
deployment.extensions/nginx-deployment
`檢查回滾狀態`
[root@master1 ~]# kubectl rollout status deployment/nginx-deployment
Waiting for deployment "nginx-deployment" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
deployment "nginx-deployment" successfully rolled out
#最終顯示成功回滾驗證:再回到宿主機的瀏覽器刷新nginx主頁,此時在頁面開發者選擇的頭部信息中看到的nginx版本就恢復到了之前的1.17.8
5.刪除nginx
`查看deployment`
[root@master1 ~]# kubectl get deploy
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx-deployment 3 3 3 3 11h
[root@master1 ~]# kubectl delete deployment/nginx-deployment
deployment.extensions "nginx-deployment" deleted
[root@master1 ~]# kubectl get deploy
No resources found.
[root@master1 ~]# kubectl get pods
No resources found.
`刪除服務SVC`
[root@master1 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d6h
nginx-deployment-service NodePort 10.0.0.50 <none> 80:48330/TCP 142m
[root@master1 ~]# kubectl delete svc/nginx-deployment-service
service "nginx-deployment-service" deleted #此步驟爲刪除步驟
[root@master1 ~]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 7d7h6.其它
`查看具體資源的詳細信息`
[root@master1 ~]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx-deployment created
[root@master1 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-6c94d899fd-8pf48 1/1 Running 0 54m
nginx-deployment-5477945587-f5dsm 1/1 Running 0 15s
nginx-deployment-5477945587-hmgd2 1/1 Running 0 15s
nginx-deployment-5477945587-pl2hn 1/1 Running 0 15s
[root@master1 ~]# kubectl describe pod nginx-deployment-5477945587-f5dsm
Name: nginx-deployment-5477945587-f5dsm
Namespace: default
Priority: 0
PriorityClassName: <none>
Node: 192.168.18.145/192.168.18.145
Start Time: Wed, 12 Feb 2020 21:04:40 +0800
Labels: pod-template-hash=5477945587
run=nginx-deployment
Annotations: <none>
Status: Running
IP: 172.17.40.2
Controlled By: ReplicaSet/nginx-deployment-5477945587
Containers:
nginx-deployment:
Container ID: docker://670cb7230f200279b2accb344766e621ab97d279c8585cc27bd4e519dac9e677
Image: nginx
Image ID: docker-pullable://nginx@sha256:ad5552c786f128e389a0263104ae39f3d3c7895579d45ae716f528185b36bc6f
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Wed, 12 Feb 2020 21:04:44 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-pbr9p (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-pbr9p:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-pbr9p
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 19m default-scheduler Successfully assigned default/nginx-deployment-5477945587-f5dsm to 192.168.18.145
Normal Pulling 19m kubelet, 192.168.18.145 pulling image "nginx"
Normal Pulled 19m kubelet, 192.168.18.145 Successfully pulled image "nginx"
Normal Created 19m kubelet, 192.168.18.145 Created container
Normal Started 19m kubelet, 192.168.18.145 Started container
`查看deployment資源`
[root@master1 ~]# kubectl describe deployment/nginx-deployment
Name: nginx-deployment
Namespace: default
CreationTimestamp: Wed, 12 Feb 2020 21:04:40 +0800
Labels: run=nginx-deployment
Annotations: deployment.kubernetes.io/revision: 1
Selector: run=nginx-deployment
Replicas: 3 desired | 3 updated | 3 total | 3 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: run=nginx-deployment
Containers:
nginx-deployment:
Image: nginx
Port: 80/TCP
Host Port: 0/TCP
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-deployment-5477945587 (3/3 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 21m deployment-controller Scaled up replica set nginx-deployment-5477945587 to 3
`進入pod`
[root@master1 ~]# kubectl exec -it nginx-deployment-5477945587-f5dsm bash
root@nginx-deployment-5477945587-f5dsm:/#問題集錦及原因:
`1:狀態爲NotReady`
[root@localhost bin]# kubectl get node
NAME STATUS ROLES AGE VERSION
192.168.195.150 NotReady <none> 6d19h v1.12.3
192.168.195.151 NotReady <none> 6d18h v1.12.3
#原因: node 節點無法連接apiserver
1)單節點:master節點 apiserver服務是否正常運行
systemctl restart kube-apiserver 失敗
cat /var/log/messages 日誌(第一次部署:檢查證書)
2)多節點:如果api-server運行正常
檢查:負載均衡中的VIP,檢查nginx調度 四層轉發模塊配置
`2:kubectl get pods 查詢podes資源狀態`
NAME READY STATUS RESTARTS AGE
nginx-7697996758-jg47q 0/1 Pending 0 93s
nginx-7697996758-k967k 0/1 Pending 0 93s
nginx-7697996758-p5n8m 0/1 Pending 0 93s
無法配置資源到node節點中進行創建(處於pending狀態)
檢查node節點中kubelet服務組件,kubeconfig配置
`3:客戶無法訪問pods發佈的服務`
ipvsadm -L -n 負載均衡 對外提供的端口44888
#正常情況每個node應該是以下狀態:
TCP 192.168.195.151:44888 rr
-> 172.17.68.2:80 Masq 1 0 0
-> 172.17.68.3:80 Masq 1 0 0
-> 172.17.86.2:80 Masq 1 0 0
#原因:kube-proxy組件服務