![2b8a52da9833fd380b36fcd1704c8651.png](https://img-blog.csdnimg.cn/img_convert/2b8a52da9833fd380b36fcd1704c8651.png)
kubectl常用命令归档:
1 - k8s运行的服务是 kubectl,一般这个服务要设置默认开机启动
[root@k8s-master ~]# systemctl enable kubelet.service
2 - 查看命令帮助
[root@k8s-master ~]# kubectl -h
3 - 查看更详细pod内容
[root@k8s-master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-ds-ct2lx 1/1 Running 0 24h 10.244.2.2 k8s-node2 <none> <none>
nginx-ds-gpslg 1/1 Running 0 24h 10.244.1.2 k8s-node <none> <none>
4 - 查看单个Pod的当前状态
[root@k8s-master ~]# kubectl describe pod nginx-ds-ct2lx
Name: nginx-ds-ct2lx
Namespace: default
Priority: 0
Node: k8s-node2/10.0.0.220
Start Time: Thu, 28 May 2020 15:33:34 +0800
Labels: app=nginx-ds
controller-revision-hash=65d4b5cd6b
pod-template-generation=1
Annotations: <none>
Status: Running
IP: 10.244.2.2
IPs:
IP: 10.244.2.2
Controlled By: DaemonSet/nginx-ds
Containers:
my-nginx:
Container ID: docker://6f22f3ed661ef1d05ab3609e09843c0c6e253e06528ae4a817fa71156eb0be80
Image: nginx:1.7.9
Image ID: docker-pullable://nginx@sha256:e3456c851a152494c3e4ff5fcc26f240206abac0c9d794affb40e0714846c451
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Thu, 28 May 2020 15:35:03 +0800
Ready: True
Restart Count: 0
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-gf85d (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady True
PodScheduled True
Volumes:
default-token-gf85d:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-gf85d
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/disk-pressure:NoSchedule
node.kubernetes.io/memory-pressure:NoSchedule
node.kubernetes.io/not-ready:NoExecute
node.kubernetes.io/pid-pressure:NoSchedule
node.kubernetes.io/unreachable:NoExecute
node.kubernetes.io/unschedulable:NoSchedule
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled <unknown> default-scheduler Successfully assigned default/nginx-ds-ct2lx to k8s-node2
Normal Pulling 24h kubelet, k8s-node2 Pulling image "nginx:1.7.9"
Normal Pulled 24h kubelet, k8s-node2 Successfully pulled image "nginx:1.7.9"
Normal Created 24h kubelet, k8s-node2 Created container my-nginx
Normal Started 24h kubelet, k8s-node2 Started container my-nginx
5 - 查看命名空间下所有pod的状态
[root@k8s-master ~]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-7ff77c879f-55ltm 1/1 Running 2 28h
coredns-7ff77c879f-99twh 1/1 Running 2 28h
etcd-k8s-master 1/1 Running 6 28h
kube-apiserver-k8s-master 1/1 Running 5 28h
kube-controller-manager-k8s-master 1/1 Running 5 28h
kube-flannel-ds-amd64-hzssh 1/1 Running 2 25h
kube-flannel-ds-amd64-jlgq8 1/1 Running 2 25h
kube-flannel-ds-amd64-n7kbj 1/1 Running 2 25h
kube-proxy-2tk6m 1/1 Running 0 25h
kube-proxy-b546c 1/1 Running 6 28h
kube-proxy-jv45b 1/1 Running 0 25h
kube-scheduler-k8s-master 1/1 Running 5 28h
6 - 查看某个命名空间下的pod当前状态(查看kube-scheduler-k8s-master)
[root@k8s-master ~]# kubectl describe pod kube-scheduler-k8s-master -n kube-system
Name: kube-scheduler-k8s-master
Namespace: kube-system
Priority: 2000000000
Priority Class Name: system-cluster-critical
Node: k8s-master/10.0.0.200
Start Time: Fri, 29 May 2020 15:54:35 +0800
Labels: component=kube-scheduler
tier=control-plane
Annotations: kubernetes.io/config.hash: 2c04fc5e4761bd2ada4d5c31bd4317ad
kubernetes.io/config.mirror: 2c04fc5e4761bd2ada4d5c31bd4317ad
kubernetes.io/config.seen: 2020-05-28T12:06:12.513422254+08:00
kubernetes.io/config.source: file
Status: Running
IP: 10.0.0.200
IPs:
IP: 10.0.0.200
Controlled By: Node/k8s-master
Containers:
kube-scheduler:
Container ID: docker://33fe41e50133b7446d4e30d214c03fef8205788ec23d3b7793bb945db0cedf09
Image: registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.1
Image ID: docker-pullable://registry.aliyuncs.com/google_containers/kube-scheduler@sha256:28e3b5320504fd20622e6860459f128289a3d4d8d17ac9dfb4408ca171e9e4bc
Port: <none>
Host Port: <none>
Command:
kube-scheduler
--authentication-kubeconfig=/etc/kubernetes/scheduler.conf
--authorization-kubeconfig=/etc/kubernetes/scheduler.conf
--bind-address=127.0.0.1
--kubeconfig=/etc/kubernetes/scheduler.conf
--leader-elect=true
State: Running
Started: Fri, 29 May 2020 15:54:39 +0800
Last State: Terminated
Reason: Error
Exit Code: 2
Started: Thu, 28 May 2020 18:23:55 +0800
Finished: Thu, 28 May 2020 18:35:29 +0800
Ready: True
Restart Count: 5
Requests:
cpu: 100m
Liveness: http-get https://127.0.0.1:10259/healthz delay=15s timeout=15s period=10s #success=1 #failure=8
Environment: <none>
Mounts:
/etc/kubernetes/scheduler.conf from kubeconfig (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
kubeconfig:
Type: HostPath (bare host directory volume)
Path: /etc/kubernetes/scheduler.conf
HostPathType: FileOrCreate
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: :NoExecute
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SandboxChanged 21h kubelet, k8s-master Pod sandbox changed, it will be killed and re-created.
Normal Pulled 21h kubelet, k8s-master Container image "registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.1" already present on machine
Normal Created 21h kubelet, k8s-master Created container kube-scheduler
Normal Started 21h kubelet, k8s-master Started container kube-scheduler
Normal SandboxChanged 15m kubelet, k8s-master Pod sandbox changed, it will be killed and re-created.
Normal Pulled 15m kubelet, k8s-master Container image "registry.aliyuncs.com/google_containers/kube-scheduler:v1.18.1" already present on machine
Normal Created 15m kubelet, k8s-master Created container kube-scheduler
Normal Started 15m kubelet, k8s-master Started container kube-scheduler
7 - 进入到这个pod的容器内部(进kube-scheduler-k8s-master)
[root@k8s-master ~]# kubectl -n kube-system exec -it kube-scheduler-k8s-master sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
#
8 - 将单个 pod 的详细信息输出为 YAML 格式的对象
[root@k8s-master ~]# kubectl get pod nginx-ds-ct2lx -o yaml
9 - 通过使用 --sort-by 参数指定任何数字或字符串字段来对对象进行排序
[root@k8s-master ~]# kubectl get pods --sort-by=.metadata.name
NAME READY STATUS RESTARTS AGE
nginx-ds-ct2lx 1/1 Running 0 25h
nginx-ds-gpslg 1/1 Running 0 25h
10 - 使用 example-service.yaml 中的定义创建服务
[root@k8s-master ~]# kubectl apply -f example-service.yaml
11 - 使用 example-controller.yaml 中的定义创建 replication controller
[root@k8s-master ~]# kubectl apply -f example-controller.yaml
12 - kubectl get - 列出一个或多个资源
## 以纯文本输出格式列出所有 pod。
[root@k8s-master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-ds-ct2lx 1/1 Running 0 25h
nginx-ds-gpslg 1/1 Running 0 25h
## 以纯文本输出格式列出所有 pod,并包含附加信息(如节点名)。
[root@k8s-master ~]# kubectl get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-ds-ct2lx 1/1 Running 0 25h 10.244.2.2 k8s-node2 <none> <none>
nginx-ds-gpslg 1/1 Running 0 25h 10.244.1.2 k8s-node <none> <none>
## 以纯文本输出格式列出所有副本控制器和服务。
[root@k8s-master ~]# kubectl get rc,services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.1.0.1 <none> 443/TCP 28h
service/nginx-ds NodePort 10.1.163.141 <none> 80:30164/TCP 25h
## 列出在节点 k8s-node 上运行的所有 pod
[root@k8s-master ~]# kubectl get pods --field-selector=spec.nodeName=k8s-node
NAME READY STATUS RESTARTS AGE
nginx-ds-gpslg 1/1 Running 0 25h
13 - kubectl describe - 显示一个或多个资源的详细状态,默认情况下包括未初始化的资源
## 显示名称为 k8s-node的节点的详细信息。
[root@k8s-master ~]# kubectl describe nodes k8s-node
## 显示名为 nginx-ds-gpslg 的 pod 的详细信息。
[root@k8s-master ~]# kubectl describe pods/nginx-ds-gpslg
Name: nginx-ds-gpslg
Namespace: default
Priority: 0
Node: k8s-node/10.0.0.210
Start Time: Thu, 28 May 2020 15:33:34 +0800
Labels: app=nginx-ds
controller-revision-hash=65d4b5cd6b
pod-template-generation=1
Annotations: <none>
Status: Running
IP: 10.244.1.2
IPs:
IP: 10.244.1.2
#
…………………………………………………………………………
14 - kubectl get 命令
kubectl get 命令通常用于检索同一资源类型的一个或多个资源。
它具有丰富的参数,允许您使用 -o 或 --output 参数自定义输出格式。
您可以指定 -w 或 --watch 参数以开始观察特定对象的更新。
kubectl describe 命令更侧重于描述指定资源的许多相关方面。
它可以调用对 API 服务器 的多个 API 调用来为用户构建视图。
例如,该 kubectl describe node 命令不仅检索有关节点的信息,还检索在其上运行的 pod 的摘要,为节点生成的事件等。
15 - kubectl delete - 从文件、stdin 或指定标签选择器、名称、资源选择器或资源中删除资源
## 使用 pod.yaml 文件中指定的类型和名称删除 pod。
[root@k8s-master ~]# kubectl delete -f pod.yaml
## 删除标签名= <label-name> 的所有 pod 和服务。
[root@k8s-master ~]# kubectl delete pods,services -l name=<label-name>
## 删除所有具有标签名称= <label-name> 的 pod 和服务,包括未初始化的那些。
[root@k8s-master ~]# kubectl delete pods,services -l name=<label-name> --include-uninitialized
## 删除所有 pod,包括未初始化的 pod
[root@k8s-master ~]# kubectl delete pods --all
16 - kubectl exec - 对 pod 中的容器执行命令
## 从 pod <pod-name> 中获取运行 'date' 的输出。默认情况下,输出来自第一个容器。
[root@k8s-master ~]# kubectl exec <pod-name> date
## 运行输出 'date' 获取在容器的 <container-name> 中 pod <pod-name> 的输出。
[root@k8s-master ~]# kubectl exec <pod-name> -c <container-name> date
## 获取一个交互 TTY 并运行 /bin/bash <pod-name >。默认情况下,输出来自第一个容器。
[root@k8s-master ~]# kubectl exec -ti <pod-name> /bin/bash
官方的kubectl参考:
Kubectl Reference Docskubernetes.io二、 安装调试工具利器 kubectl-debug(Pod故障诊断)
kubectl-debug 是一个简单的 kubectl 插件, 能够帮助你便捷地进行 Kubernetes 上的 Pod 排障诊断. 背后做的事情很简单: 在运行中的 Pod 上额外起一个新容器, 并将新容器加入到目标容器的 pid, network, user 以及 ipc namespace 中, 这时我们就可以在新容器中直接用 netstat, tcpdump 这些熟悉的工具来解决问题了, 而旧容器可以保持最小化, 不需要预装任何额外的排障工具。
kubectl-debug 包含两部分, 一部分是用户侧的 kubectl 插件, 另一部分是部署在所有 k8s 节点上的 agent(用于启动"新容器", 同时也作为 SPDY 连接的中继). 在 agentless 中, kubectl-debug 会在 debug 开始时创建 debug-agent Pod, 并在结束后自动清理.(默认开启agentless模式)
![9a526db63937dbf08eb8008bb026cf0d.png](https://img-blog.csdnimg.cn/img_convert/9a526db63937dbf08eb8008bb026cf0d.png)
步骤分别是:
+ 插件查询 ApiServer:demo-pod 是否存在,所在节点是什么
+ ApiServer 返回 demo-pod 所在所在节点
+ 插件请求在目标节点上创建 Debug Agent Pod
+ Kubelet 创建 Debug Agent Pod
+ 插件发现 Debug Agent 已经 Ready,发起 debug 请求(长连接)
+ Debug Agent 收到 debug 请求,创建 Debug 容器并加入目标容器的各个 Namespace 中,创建完成后,与 Debug 容器的 tty 建立连接
+ 接下来,客户端就可以开始通过 5,6 这两个连接开始 debug 操作。操作结束后,Debug Agent 清理 Debug 容器,插件清理 Debug Agent,一次 Debug 完成。
安装
1 -下载安装 kubectl debug 插件
[root@k8s-master ~]# tar -zxvf kubectl-debug.tar.gz
LICENSE
README.md
kubectl-debug
[root@k8s-master ~]# ls
abc.cfg flannel-v12.tar kubectl-debug.tar.gz LICENSE README.md
anaconda-ks.cfg kubectl-debug kube-flannel.yml nginx-ds.yml recommended.yaml
[root@k8s-master ~]# mv kubectl-debug /usr/local/bin/
2 - 安装 debug-agent DaemonSet
[root@k8s-master ~]# kubectl apply -f
> https://raw.githubusercontent.com/aylei/kubectl-debug/master/scripts/agent_daemonset.yml
daemonset.apps/debug-agent created
![cf84cb344c2311e23578dffdd0a7d6ff.png](https://img-blog.csdnimg.cn/img_convert/cf84cb344c2311e23578dffdd0a7d6ff.png)