Kubernetes CLI command -- kubectl

基础命令

kubectl cluster-info: 查看集群状态;
kubectl get pods --selector="name=bad-frontend": 指定查看pod的name属性;
kubectl expose deployment first-deployment --port=80 --type=NodePort: 暴露指定端口, 以及指定类型;
kubectl get svc first-deployment -o go-template='【【range.spec.ports】】【【if .nodePort】】【【.nodePort】】【【"\n"】】【【end】】【【end】】': 获取service暴露的端口;
- [使用jsonpath获取]: kubectl get svc first-deployment -o jsonpath='{.spec..ports[0].nodePort}'
【新版本已弃用】kubectl run http --image=katacoda/docker-http-server:latest --replicas=1: 手动运行一个deployment并指定其pod镜像;
- kubectl expose deployment http --external-ip="172.17.0.42" --port=8000 --target-port=80: 暴露端口及访问地址;
- 或者直接使用: kubectl run httpexposed --image=katacoda/docker-http-server:latest --replicas=1 --port=80 --hostport=8001
kubectl exec -it POD_NAME -c CONTAINTER_NAME -- bin/sh: 进入一个含有多个容器的pod;
kubectl scale --replicas=3 deployment http: 扩容;
kubectl set image deployment.v1.apps/nginx-deployment nginx=nginx:1.9.1 --record: 更新镜像;
kubectl set resources deployment nginx -c =nginx --limits =cpu=200m,memory =512Mi: 更新资源使用;
kubectl patch deployments myapp-deploy -p '{ "spec": {"replicas":5}}': 打补丁;
kubectl rollout history deployment.v1.apps/nginx-deployment --revision=2：查看历史修订的详细信息；
kubectl rollout undo deployment myapp-deploy --to-revision=2: 回滚至指定版本;
kubectl rollout status deployments myapp-deploy: 回滚操作状态信息;
kubectl rollout pause deployment/myapp-deploy: 暂停更新deployment(用于多次更新deployment);
- kubectl rollout resume deployment/myapp-deploy: 恢复更新deployment;
kubectl get pods -l 'environment in (production),tier in (frontend)': 过滤显示指定标签的pod;
- kubectl get pods -l environment=production,tier=frontend
kubectl apply-validate-f pod.yaml: 检查yaml文件格式是否有错误之处;
kubectl apply -R DIR/: 递归应用目录中的配置清单文件;
kubectl get componentstatuses: 检查控制平台组件的状态；
kubectl logs kube-scheduler-master01 -n kube-system：获取调度器日志，包括调度记录，打分记录等；

cluster 快速部署

# 使用轻量级容器引擎crio, 需要提前安装
# systemctl restart crio
kubeadm init --token=102952.1a7dd4cc8d1f4cc5 --kubernetes-version $(kubeadm version -o short)
# 初始化时调用crio引擎
# kubeadm init --cri-socket=/var/run/crio/crio.sock --kubernetes-version $(kubeadm version -o short)

# 初始化完毕之后, crio查看容器运行状态
# crictl ps
sudo cp /etc/kubernetes/admin.conf $HOME/
sudo chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf

kubectl apply -f /opt/weave-kube.yaml

kubectl get pod -n kube-system

kubeadm token list

kubeadm join --discovery-token-unsafe-skip-ca-verification --token=102952.1a7dd4cc8d1f4cc5 172.17.0.66:6443

# 使用轻量级容器引擎crio, 需要提前安装
# systemctl restart crio
kubeadm init --token=102952.1a7dd4cc8d1f4cc5 --kubernetes-version $(kubeadm version -o short)
# 初始化时调用crio引擎
# kubeadm init --cri-socket=/var/run/crio/crio.sock --kubernetes-version $(kubeadm version -o short)

# 初始化完毕之后, crio查看容器运行状态
# crictl ps
sudo cp /etc/kubernetes/admin.conf $HOME/
sudo chown $(id -u):$(id -g) $HOME/admin.conf
export KUBECONFIG=$HOME/admin.conf

kubectl apply -f /opt/weave-kube.yaml

kubectl get pod -n kube-system

kubeadm token list

kubeadm join --discovery-token-unsafe-skip-ca-verification --token=102952.1a7dd4cc8d1f4cc5 172.17.0.66:6443

By default, the crictl CLI is configured to communicate with the runtime by the config file at cat /etc/crictl.yaml

dashboard 账户认证(token):

cat <<EOF | kubectl create -f - 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
EOF

cat <<EOF | kubectl create -f - 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
EOF

获取token:

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

附录

参考链接

kubectl commands offical documentation: https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands

Kubernetes CLI command -- kubectl #

基础命令 #

cluster 快速部署 #

附录 #

参考链接 #

Kubernetes CLI command -- kubectl

基础命令

cluster 快速部署

附录

参考链接