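Kubernetes cluster management
Cluster management commands
Command descriptions
Subcommand | Description |
---|---|
help | Show help for a command and its subcommands |
cluster-info | Show the cluster's configuration information |
version | Show server and client version information |
api-resources | List all resource object types on the current server |
api-versions | List the versions of all resource objects on the current server |
config | Manage the kubeconfig authentication information on the current node |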
help
```
# Show help for a command
[root@master ~]# kubectl help version
Print the client and server version information for the current context.

Examples:
  # Print the client and server versions for the current context
  kubectl version
... ...
```
cluster-info
```
# Show cluster status information
[root@master ~]# kubectl cluster-info
Kubernetes control plane is running at https://192.168.1.50:6443
CoreDNS is running at https://192.168.1.50:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
... ...
```
version
```
# Show server and client version information
[root@master ~]# kubectl version
WARNING: This version information is deprecated and will be replaced with the output from kubectl version --short.  Use --output=yaml|json to get the full version.
Client Version: version.Info{Major:"1", Minor:"26", GitVersion:"v1.26.0", GitCommit:"b46a3f887ca979b1a5d14fd39cb1af43e7e5d12d", GitTreeState:"clean", BuildDate:"2022-12-08T19:58:30Z", GoVersion:"go1.19.4", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v4.5.7
Server Version: version.Info{Major:"1", Minor:"26", GitVersion:"v1.26.0", GitCommit:"b46a3f887ca979b1a5d14fd39cb1af43e7e5d12d", GitTreeState:"clean", BuildDate:"2022-12-08T19:51:45Z", GoVersion:"go1.19.4", Compiler:"gc", Platform:"linux/amd64"}
```
api-resources
```
# List resource object types
[root@master ~]# kubectl api-resources
NAME         SHORTNAMES   APIVERSION   NAMESPACED   KIND
bindings                  v1           true         Binding
endpoints    ep           v1           true         Endpoints
events       ev           v1           true         Event
... ...
```
api-versions
```
# List resource object versions
[root@master ~]# kubectl api-versions
admissionregistration.k8s.io/v1
apiextensions.k8s.io/v1
apiregistration.k8s.io/v1
apps/v1
... ...
```
config
```
# Show the user and certificate currently used for authentication
[root@master ~]# kubectl config get-contexts
CURRENT   NAME                          CLUSTER      AUTHINFO
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin

# Use view to see the detailed configuration
[root@master ~]# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://192.168.1.50:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED
```
Authorizing a management host
```
[root@harbor ~]# vim /etc/hosts
192.168.1.30    harbor
192.168.1.50    master
192.168.1.51    node-0001
192.168.1.52    node-0002
192.168.1.53    node-0003
192.168.1.54    node-0004
192.168.1.55    node-0005
[root@harbor ~]# dnf install -y kubectl
[root@harbor ~]# mkdir -p $HOME/.kube
[root@harbor ~]# rsync -av master:/etc/kubernetes/admin.conf $HOME/.kube/config
[root@harbor ~]# chown $(id -u):$(id -g) $HOME/.kube/config
[root@harbor ~]# kubectl get nodes
NAME        STATUS   ROLES           AGE   VERSION
master      Ready    control-plane   24h   v1.26.0
node-0001   Ready    <none>          22h   v1.26.0
node-0002   Ready    <none>          22h   v1.26.0
node-0003   Ready    <none>          22h   v1.26.0
node-0004   Ready    <none>          22h   v1.26.0
node-0005   Ready    <none>          22h   v1.26.0
```
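The copied `admin.conf` carries the `kubernetes-admin` client certificate and key, so the management host now holds that credential and the file deserves the same care as a private key. The script below is an added example, not part of the original notes: `kubeconfig_audit` is a hypothetical helper that checks the copied file's mode, owner and embedded key, run here against a constructed sample and assuming a Linux `stat -c`.

```shell
#!/bin/sh
# Added example, not from the original notes. Assumes Linux `stat -c`.
# kubeconfig_audit (hypothetical helper) prints one finding per line.
kubeconfig_audit() {
    file=$1
    [ -f "$file" ] || { echo "MISSING $file"; return 2; }

    # Whoever can read the file can act as the user inside it.
    mode=$(stat -c '%a' "$file")
    case "$mode" in
        600|400) ;;
        *) echo "PERMS mode $mode, expected 600" ;;
    esac

    # The file should belong to the account that runs kubectl.
    [ "$(stat -c '%u' "$file")" = "$(id -u)" ] ||
        echo "OWNER file is not owned by uid $(id -u)"

    # An embedded private key makes the file a standalone credential.
    grep -Eq '^[[:space:]]*client-key-data:[[:space:]]*[^[:space:]]' "$file" &&
        echo "KEY embedded client private key"

    # kubernetes-admin is the user shown in the page's `kubectl config view`.
    grep -Eq '^[[:space:]]*user:[[:space:]]*kubernetes-admin[[:space:]]*$' "$file" &&
        echo "ADMIN context uses kubernetes-admin"

    return 0
}

# Constructed sample; the key value is a placeholder, not a real key.
demo=$(mktemp)
cat > "$demo" <<'EOF'
apiVersion: v1
kind: Config
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
users:
- name: kubernetes-admin
  user:
    client-key-data: Q09OU1RSVUNURUQ=
EOF
chmod 644 "$demo"; kubeconfig_audit "$demo"   # PERMS, KEY and ADMIN
chmod 600 "$demo"; kubeconfig_audit "$demo"   # KEY and ADMIN remain
rm -f "$demo"
```

On the management host the same function can be pointed at `$HOME/.kube/config` after the `rsync` and `chown` steps.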
Pod management commands
Use run to create a Pod resource object
kubectl run POD_NAME [options/args] --image=IMAGE_NAME:TAG
Creating a Pod
```
# Create a Pod
[root@master ~]# kubectl run myweb --image=myos:nginx
pod/myweb created

# Query the resource object
[root@master ~]# kubectl get pods -o wide
NAME    READY   STATUS    RESTARTS   AGE   IP           NODE
myweb   1/1     Running   0          3s    10.244.1.3   node-0001
[root@master ~]# curl http://10.244.1.3
Nginx is running !
```
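Pod creation process
Pod overview: a Pod consists of one or more containers. It is the smallest manageable unit in k8s and groups the processes of one service into a single unit.
- Containers in the same Pod share the network IP and permissions
- Containers in the same Pod share the hostname
- Containers in the same Pod share storage devices
The flowchart describes the following steps:
- The user sends a request to the api-server
- The api-server records it in etcd
- The api-server returns the result to the user; for the client, the command has now completed
- The api-server calls the scheduler to choose a host to run the container
- The scheduler returns the scheduling result for the container
- The api-server records the result in etcd
- The api-server calls the kubelet on the chosen host to create the container
- The kubelet calls the local docker to create the container and returns the result to the api-server
- The api-server records the result in etcd
Pod lifecycle
Init containers, start hook, main program, liveness probe
Readiness probe (waits until ready)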
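Pod management commands (1)
Subcommand | Description | Notes |
---|---|---|
run/create | Create resource objects (run creates a Pod, create creates other objects) | Can output a resource file template |
get | Show the status of resource objects | Common option: -o output format |
describe | Show the attributes of resource objects | |
logs | Show error messages from a container | Common option: -c container name |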
get
```
# List Pod resource objects
[root@master ~]# kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
myweb   1/1     Running   0          10m

# Show only the names of the resource objects
[root@master ~]# kubectl get pods -o name
pod/myweb

# Show which node the resource objects run on
[root@master ~]# kubectl get pods -o wide
NAME    READY   STATUS    RESTARTS   AGE   IP           NODE
myweb   1/1     Running   0          10m   10.244.1.3   node-0001

# Show the full details of a resource object in YAML format
[root@master ~]# kubectl get pod myweb -o yaml
apiVersion: v1
kind: Pod
metadata:
  name: myweb
... ...

# List namespaces
[root@master ~]# kubectl get namespaces
NAME              STATUS   AGE
default           Active   39h
kube-node-lease   Active   39h
kube-public       Active   39h
kube-system       Active   39h

# List the Pods in the kube-system namespace
[root@master ~]# kubectl -n kube-system get pods
NAME                             READY   STATUS    RESTARTS   AGE
etcd-master                      1/1     Running   0          39h
kube-apiserver-master            1/1     Running   0          39h
kube-controller-manager-master   1/1     Running   0          39h
kube-scheduler-master            1/1     Running   0          39h
... ...
```
create
-n <namespace>
```
# Create a namespace resource object
[root@master ~]# kubectl create namespace work
namespace/work created

# List namespaces
[root@master ~]# kubectl get namespaces
NAME              STATUS   AGE
default           Active   39h
kube-node-lease   Active   39h
kube-public       Active   39h
kube-system       Active   39h
work              Active   11s
```
run
```
# Create a simple Pod resource object
[root@master ~]# kubectl -n work run myhttp --image=myos:httpd
pod/myhttp created

# Query the resource object
[root@master ~]# kubectl -n work get pods -o wide
NAME     READY   STATUS    RESTARTS   AGE   IP           NODE
myhttp   1/1     Running   0          3s    10.244.2.2   node-0002

# Verify access
[root@master ~]# curl http://10.244.2.2
Welcome to The Apache.
```
describe
```
# Show the attributes of a resource object
[root@master ~]# kubectl describe pod myweb
Name:             myweb
Namespace:        default
Priority:         0
Service Account:  default
Node:             node-0001/192.168.1.51
... ...
Events:
  Type    Reason     Age   From               Message
  ----    ------     ----  ----               -------
  Normal  Scheduled  16m   default-scheduler  Successfully assigned default/myweb to node-0001
  Normal  Pulled     16m   kubelet            Container image "myos:nginx" already present on machine
  Normal  Created    16m   kubelet            Created container myweb
  Normal  Started    16m   kubelet            Started container myweb

# Show the Pod information in the work namespace
[root@master ~]# kubectl -n work describe pod myhttp
Name:             myhttp
Namespace:        work
Priority:         0
Service Account:  default
Node:             node-0002/192.168.1.52
... ...
```
logs
```
# Access the services, then check the logs
[root@master ~]# curl http://10.244.1.3/info.php
[root@master ~]# curl http://10.244.2.2/info.php
... ...
# Show the myweb logs
[root@master ~]# kubectl logs myweb
2022/11/12 18:28:54 [error] 7#0: *2 open() "/usr/local/nginx/html/info.php" failed (2: No such file or directory), client: 10.244.0.0, server: localhost, request: "GET /info.php HTTP/1.1", host: "10.244.2.12"

# Show the myhttp logs
[root@master ~]# kubectl -n work logs myhttp
[root@master ~]#
```
The three troubleshooting brothers
kubectl get: see the overall situation
kubectl describe: see Pod errors
kubectl logs: see errors inside the container
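Pod management commands (2)
Subcommand | Description | Notes |
---|---|---|
exec | Run a specific command inside a container | Optional argument: -c container name |
cp | Copy files or directories between a container and the host | Optional argument: -c container name |
delete | Delete resource objects | Optional argument: -l label |
exec: run a command inside a container
kubectl exec [options/args] POD_NAME -- COMMAND
-- is the option terminator
```
# Run a command inside the container
[root@master ~]# kubectl exec myweb -- ls
50x.html
index.html
[root@master ~]# kubectl exec -it myweb -- /bin/bash
[root@myweb html]# ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.244.1.3  netmask 255.255.255.0  broadcast 10.244.2.255
        ether 3a:32:78:59:ed:25  txqueuelen 0  (Ethernet)
... ...
```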
cp
Copy init into the container: kubectl cp init myweb:/root/init
```
# Transfer files or directories to and from a container.
# The path inside the container must be absolute; the local path may be relative.
[root@master ~]# kubectl cp myweb:/etc/yum.repos.d /root/aaa
tar: Removing leading `/' from member names
[root@master ~]# tree /root/aaa
/root/aaa
├── local.repo
├── Rocky-AppStream.repo
├── Rocky-BaseOS.repo
└── Rocky-Extras.repo

0 directories, 4 files
[root@master ~]# kubectl -n work cp /etc/passwd myhttp:/root/mima
[root@master ~]# kubectl -n work exec myhttp -- ls /root/
mima
```
```
[root@master ~]# kubectl run test1 --image=myos:nginx
pod/test1 created
[root@master ~]# kubectl run test2 --image=myos:httpd
pod/test2 created
[root@master ~]# kubectl cp test1:/usr/local/nginx/html/index.html /root/a
tar: Removing leading `/' from member names
[root@master ~]# kubectl cp /root/a test2:/var/www/html/index.html
[root@master ~]# curl http://10.244.240.131
Nginx is running !
```
delete
```
# Delete a resource object
[root@master ~]# kubectl delete pods myweb
pod "myweb" deleted

# Delete all Pod objects in the work namespace
[root@master ~]# kubectl -n work delete pods --all
pod "myhttp" deleted

# Delete the namespace
[root@master ~]# kubectl delete namespaces work
namespace "work" deleted
```
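Resource object files
Pod resource object file (write from memory)
1. Naming conventions
node+port==nodeport
NodePort ==> upper camel case
nodePort ==> lower camel case
In key: value pairs, keys use lower camel case and keyword values use upper camel case
type: NodePort
nodePort: 3306
2. Nested key-value pairs:
Only key: value pairs and arrays [a,b,c] are supported
A key-value pair nested in a key-value pair: key: {k1: v1}
Format 2: indent by 2 spaces
```
key:
  k1:
    v1
```
3. An array nested in a key-value pair: key: [a,b,c]
Format 2
Key-value pairs nested in an array
JSON format:
```
{
  "kind": "Pod",
  "apiVersion": "v1",
  "metadata": {"name": "myweb"},
  "spec": {"containers": [{"name": "webserver", "image": "myos:nginx"}]},
  "status": {}
}
```
/etc/kubernetes/manifests: static Pod files
/var/lib/kubelet/config.yaml: kubelet configuration file
```
[root@master ~]# vim myweb.yaml
---
kind: Pod
apiVersion: v1
metadata:
  name: myweb
spec:
  containers:
  - name: webserver
    image: myos:nginx
```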
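Resource file management commands
Subcommand | Description | Notes |
---|---|---|
create | Create the resources defined in a file | Supports both imperative commands and resource object files |
apply | Create (or update) the resources defined in a file | Supports resource object files only (declarative) |
delete | Delete the resources defined in a file | Supports both imperative commands and resource object files |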
create
```
# Create the resource object
[root@master ~]# kubectl create -f myweb.yaml
pod/myweb created

# create cannot update; running it again fails
[root@master ~]# kubectl create -f myweb.yaml
Error from server (AlreadyExists): error when creating "myweb.yaml": pods "myweb" already exists
```
delete
```
# Delete using the resource object file
[root@master ~]# kubectl delete -f myhttp.yaml
pod "myhttp" deleted
# Same effect as deleting the Pod by name, e.g. kubectl delete pods myweb
[root@master ~]# kubectl get pods
No resources found in default namespace.
```
apply
```
# Create the resource object
[root@master ~]# kubectl apply -f myweb.yaml
pod/myweb created

# Update the resource object
[root@master ~]# kubectl apply -f myweb.yaml
pod/myweb configured

# Delete the resource object
[root@master ~]# kubectl delete -f myweb.yaml
pod "myweb" deleted

# Going further
# Same as kubectl apply -f myweb.yaml
[root@master ~]# cat myweb.yaml | kubectl apply -f -
```
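The following commands quickly generate and apply multiple variants of myweb.yaml
```
# Rename the Pod on the fly and apply the result from stdin
sed 's,myweb,web2,' myweb.yaml | kubectl apply -f -

# Each copy starts with ---, so the loop output is one multi-document stream
for i in web{1..9}; do
  sed "s,myweb,${i}," myweb.yaml
done | kubectl apply -f -
```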