Kubernetes 命令参考手册

简介

创建类命令

deployment 创建类

 # kubectl create -f cloud.yaml
 # kubectl 

service 创建类

kubectl create -f service.yaml 

 kubectl create service clusterip my-svc --clusterip="None" -o yaml --dry-run | kubectl set selector --local -f - 'environment=qa' -o yaml | kubectl create -f -

 * kubectl create service -o yaml --dry-run 创建服务的配置,不是发送到Kubernetes API,而是打印到标准输出。
 * kubectl set selector --local -f - -o yaml 从标准输入流获取,并以yaml形式写到标准输出
 * kubectl create -f - 通过标准输入提供的配置,创建对象

删除类命令

删除deployments

kubectl delete deployment cloud-deployment -n kube-system

强制删除pod

kubectl delete pod nginx-87p3oiou8934 --grace-period=0 --force -n kube-system

备注:
    资源可能不会释放,删除前确定资源情况,手工清理遗留资源

修改类命令

node

  kubectl cordon $NODENAME
 kubectl uncordon $NODENAME

备注: 可以使节点暂时不可用,不能被调度

 kubectl drain ${NODENAME} --force --delete-local-data --ignore-daemonsets

 备注:
    delete-local-data: 
 kubectl --record deployment.apps/nginx-deployment set image deployment.v1.apps/nginx-deployment nginx=nginx:1.9.1 
 或者简化我:
 kubectl set image deployment/nginx-deployment nginx=nginx:1.9.1 --record

 将镜像更新为新的:1.9.1版本
 kubectl label nodes <node-name> <label-key>=<label-value>
 样例:

 kubectl label nodes kubernetes-foo-node-1.c.a-robinson.internal disktype=ssd

 备注:
 kubernetes-foo-node-1.c.a-robinson.internal: node的名字
 disktype:标签键
 ssd:标签值
 kubectl rollout undo deployment nginx-deployment
 kubectl rollout undo deployment nginx-deployment --to-revision=2

查询类命令

node

 kubectl describe node <insert-node-name-here>
 kubectl get nodes --show-labels

namespace

 kubectl get namespace
 kubectl api-resources --namespaced=true
 kubectl api-resources --namespaced=false

rs

 kubectl get rs
 kubectl describe rs/frontend
 备注:frontend为rs的名字

pod

 kubectl get pods frontend-9si5l -o yaml
 备注:ownerReferences段显示此pod属于哪个ReplicaSet
 kubectl get pods --show-labels
 kubectl get pod cloud-test-7affgg87wx-9kfxk -o yaml
 # 获取cloud命名空间中第一个pod的metadata信息
 kubectl get pod -n cloud -o jsonpath='{.items[0].metadata}'

 # 获取cloud命名空间中第三个pod的宿主机IP
 kubectl get pod -n cloud -o jsonpath='{.items[2].status.hostIP}'

 # 获取cloud命名空间中所有pod的宿主机IP
 kubectl get pod -n cloud -o jsonpath='{.items[*].status.hostIP}'

 # 获取所有节点的IP地址及在k8s中的主机名
 kubectl get node -o jsonpath='{.items[*].status.addresses[*].address}'

 # 获取所有节点的IP地址
 kubectl get node -o jsonpath='{.items[*].status.addresses[0].address}'

 备注:如果字段是map类型,则必须用[]才能获取下级信息

 # 获取 ports 中所有 protocol 是 TCP 的 name
 kubectl get svc kube-dns -n kube-system -o jsonpath='{$.spec.ports[?(@.name=="metrics")].port}'
 解释:@ 符号代表当前对象,?() 原文是 filter 理解为过滤,() 中写条件

endpoints

# kubectl get ep --all-namespaces

hpa

# kubectl get hpa
# kubectl get hpa istio-ingressgateway -n istio-system -o json

deployment

 kubectl get deployment --all-namespaces
 展开字段说明:
  * NAME: cluster中deployment的名字
  * DESIRED: 应用期望的replicas数量
  * CURRENT: 当前已经正常运行的replicas数量
  * UP-TO-DATE: 已经更新为期望状态的replicas的数量
  * AVAILABLE: 显示可供用户使用的应用程序副本的数量
  * AGE: 应用运行总时长
 kubectl rollout status deployment.v1.apps/nginx-deloyment
 kubectl rollout history deployment/nginx-deployment --revision=2
 kubectl describe deployments
 kubectl config view
 kubectl cluster-info

events

 kubectl get events

通过代理方式访问服务

 http://kubernetes_master_address/api/v1/namespaces/{namespace_name}/services/{service_name}[:port_name]/proxy
  * <service_name> - 代理到默认端口proxies to the default or unnamed port using http
  * <service_name>:<port_name> - 代理到指定的端口proxies to the specified port using http
  * https:<service_name>: - 代理到默认端口proxies to the default or unnamed port using https (note the trailing colon)
  * https:<service_name>:<port_name> - 代理到指定的端口

其他类操作

 kubectl config set-context --current --namespace=kube-system

 备注:验证
 kubectl config view --minify |grep namespace:

获取k8s元数据

ps -ef |grep etcd

/usr/local/bin/etcd --name=master1.smx-dev-k8s.smx.com --cert-file=/etc/etcd/ssl/etcd.pem --key-file=/etc/etcd/ssl/etcd-key.pem --peer-cert-file=/etc/etcd/ssl/etcd.pem --peer-key-file=/etc/etcd/ssl/etcd-key.pem --trusted-ca-file=/etc/kubernetes/ssl/ca.pem --peer-trusted-ca-file=/etc/kubernetes/ssl/ca.pem --initial-advertise-peer-urls=https://10.0.133.211:2380 --listen-peer-urls=https://10.0.133.211:2380 --listen-client-urls=https://10.0.133.211:2379,http://127.0.0.1:2379 --advertise-client-urls=https://10.0.133.211:2379 --initial-cluster-token=etcd-cluster-0 --initial-cluster=master3.smx-dev-k8s.smx.com=https://10.0.133.213:2380,master2.smx-dev-k8s.smx.com=https://10.0.133.212:2380,master1.smx-dev-k8s.smx.com=https://10.0.133.211:2380 --initial-cluster-state=new --data-dir=/var/lib/etcd
 export ETCDCTL_API=3 
 etcdctl  --cacert=/etc/kubernetes/ssl/ca.pem --endpoints https://10.0.133.211:2379 get / --prefix --keys-only
 etcdctl  --cacert=/etc/kubernetes/ssl/ca.pem --endpoints https://10.0.133.211:2379 get  /registry/leases/  --prefix

istio设置

 kubectl label namespace yunpingtai istio-injection=disabled
 kubectl get namespace -L istio-injection

结语

回首页