OpenShift 4 之一些有用的命令
- oc 是如何访问API Server的
- oc whomai
- 获得集群的 Sub-DomainName
- 自动命令补全
- 获取内部Registry
- 获取集群信息
- 获取OpenShift集群版本
- 获取API对象类型和版本
- 解释K8s对象的API结构
- 查看K8s对象的API版本
- 转换对象API的版本
- 获取节点信息
- 获取当前OpenShift发行版本以及相关Image详细信息
- 列出节点运行的所有Pod
- 删除一个应用所有相关对象
- 查看Pod/Image/ImageStream/Node使用资源排名
- 列出Pod中的Container名称
- 删除已经完成的Pod
- 列出集群中存储的所有容器
- 列出PROJECT中包含的所有类型对象
- 将要创建的应用对象生成YAML文件
- 部署包含2个Container的Pod应用
- 导出项目中的K8s对象资源
- 关闭/开启OpenShift集群更新后节点自动重启
- 更新新的pull-secret
- 使用custom-columns
- 按照过滤条件查找对象
- 获取对象的特定 annotations 内容
- 删除用户
- 根据json查找所有项目里的pvc
- 从secret中获取证书
- 查看master证书
- 查看OperatorHub中所有可用Operator
- 导出指定Kubernetes对象资源
- kubectl 命令示例
oc 是如何访问API Server的
$ oc whoami -t --loglevel
oc whomai
- 获得登录用户的token
$ oc whoami -t
- 获得API Server地址
$ oc whoami --show-server
- 获得Console地址
$ oc whoami --show-console
- 获得登录用户的Conext
$ oc whoami -c
获得集群的 Sub-DomainName
$ oc get ingresscontroller default -n openshift-ingress-operator -o jsonpath='{.status.domain}'
apps.cluster-vrpf7.vrpf7.sandbox1239.opentlc.com
自动命令补全
先执行以下命令,然后重新登录即可。
$ yum -y install bash-completion
$ oc completion bash >> /etc/bash_completion.d/oc_completion
获取内部Registry
$ oc registry info
image-registry.openshift-image-registry.svc:5000
获取集群信息
$ oc cluster-info
Kubernetes master is running at https://api.crc.testing:6443
获取OpenShift集群版本
$ oc get clusterversions
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version 4.2.8 True False 22d Cluster version is 4.2.8
获取API对象类型和版本
$ oc api-resources
NAME SHORTNAMES APIGROUP NAMESPACED KIND
bindings true Binding
componentstatuses cs false ComponentStatus
configmaps cm true ConfigMap
endpoints ep true Endpoints
events ev true Event
limitranges limits true LimitRange
namespaces ns false Namespace
nodes no false Node
persistentvolumeclaims pvc true PersistentVolumeClaim
persistentvolumes pv false PersistentVolume
pods po true Pod
podtemplates true PodTemplate
replicationcontrollers rc true ReplicationController
resourcequotas quota true ResourceQuota
secrets true Secret
serviceaccounts sa true ServiceAccount
services svc true Service
mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration
validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration
customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition
apiservices apiregistration.k8s.io false APIService
controllerrevisions apps true ControllerRevision
daemonsets ds apps true DaemonSet
deployments deploy apps true Deployment
replicasets rs apps true ReplicaSet
statefulsets sts apps true StatefulSet
deploymentconfigs dc apps.openshift.io true DeploymentConfig
tokenreviews authentication.k8s.io false TokenReview
localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview
selfsubjectaccessreviews authorization.k8s.io false SelfSubjectAccessReview
selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview
subjectaccessreviews authorization.k8s.io false SubjectAccessReview
clusterrolebindings authorization.openshift.io false ClusterRoleBinding
clusterroles authorization.openshift.io false ClusterRole
localresourceaccessreviews authorization.openshift.io true LocalResourceAccessReview
localsubjectaccessreviews authorization.openshift.io true LocalSubjectAccessReview
resourceaccessreviews authorization.openshift.io false ResourceAccessReview
rolebindingrestrictions authorization.openshift.io true RoleBindingRestriction
rolebindings authorization.openshift.io true RoleBinding
roles authorization.openshift.io true Role
selfsubjectrulesreviews authorization.openshift.io true SelfSubjectRulesReview
subjectaccessreviews authorization.openshift.io false SubjectAccessReview
subjectrulesreviews authorization.openshift.io true SubjectRulesReview
horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler
clusterautoscalers autoscaling.openshift.io false ClusterAutoscaler
machineautoscalers autoscaling.openshift.io true MachineAutoscaler
cronjobs cj batch true CronJob
jobs batch true Job
buildconfigs bc build.openshift.io true BuildConfig
builds build.openshift.io true Build
certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest
credentialsrequests cloudcredential.openshift.io true CredentialsRequest
apiservers config.openshift.io false APIServer
authentications config.openshift.io false Authentication
builds config.openshift.io false Build
clusteroperators co config.openshift.io false ClusterOperator
clusterversions config.openshift.io false ClusterVersion
consoles config.openshift.io false Console
dnses config.openshift.io false DNS
featuregates config.openshift.io false FeatureGate
images config.openshift.io false Image
infrastructures config.openshift.io false Infrastructure
ingresses config.openshift.io false Ingress
networks config.openshift.io false Network
oauths config.openshift.io false OAuth
operatorhubs config.openshift.io false OperatorHub
projects config.openshift.io false Project
proxies config.openshift.io false Proxy
schedulers config.openshift.io false Scheduler
consoleclidownloads console.openshift.io false ConsoleCLIDownload
consoleexternalloglinks console.openshift.io false ConsoleExternalLogLink
consolelinks console.openshift.io false ConsoleLink
consolenotifications console.openshift.io false ConsoleNotification
leases coordination.k8s.io true Lease
events ev events.k8s.io true Event
daemonsets ds extensions true DaemonSet
deployments deploy extensions true Deployment
ingresses ing extensions true Ingress
networkpolicies netpol extensions true NetworkPolicy
podsecuritypolicies psp extensions false PodSecurityPolicy
replicasets rs extensions true ReplicaSet
machinedisruptionbudgets mdb,mdbs healthchecking.openshift.io true MachineDisruptionBudget
machinehealthchecks mhc,mhcs healthchecking.openshift.io true MachineHealthCheck
images image.openshift.io false Image
imagesignatures image.openshift.io false ImageSignature
imagestreamimages isimage image.openshift.io true ImageStreamImage
imagestreamimports image.openshift.io true ImageStreamImport
imagestreammappings image.openshift.io true ImageStreamMapping
imagestreams is image.openshift.io true ImageStream
imagestreamtags istag image.openshift.io true ImageStreamTag
configs imageregistry.operator.openshift.io false Config
dnsrecords ingress.operator.openshift.io true DNSRecord
network-attachment-definitions net-attach-def k8s.cni.cncf.io true NetworkAttachmentDefinition
machines machine.openshift.io true Machine
machinesets machine.openshift.io true MachineSet
containerruntimeconfigs ctrcfg machineconfiguration.openshift.io false ContainerRuntimeConfig
controllerconfigs machineconfiguration.openshift.io false ControllerConfig
kubeletconfigs machineconfiguration.openshift.io false KubeletConfig
machineconfigpools mcp machineconfiguration.openshift.io false MachineConfigPool
machineconfigs mc machineconfiguration.openshift.io false MachineConfig
mcoconfigs machineconfiguration.openshift.io true MCOConfig
baremetalhosts bmh,bmhost metal3.io true BareMetalHost
alertmanagers monitoring.coreos.com true Alertmanager
podmonitors monitoring.coreos.com true PodMonitor
prometheuses monitoring.coreos.com true Prometheus
prometheusrules monitoring.coreos.com true PrometheusRule
servicemonitors monitoring.coreos.com true ServiceMonitor
clusternetworks network.openshift.io false ClusterNetwork
egressnetworkpolicies network.openshift.io true EgressNetworkPolicy
hostsubnets network.openshift.io false HostSubnet
netnamespaces network.openshift.io false NetNamespace
ingresses ing networking.k8s.io true Ingress
networkpolicies netpol networking.k8s.io true NetworkPolicy
runtimeclasses node.k8s.io false RuntimeClass
oauthaccesstokens oauth.openshift.io false OAuthAccessToken
oauthauthorizetokens oauth.openshift.io false OAuthAuthorizeToken
oauthclientauthorizations oauth.openshift.io false OAuthClientAuthorization
oauthclients oauth.openshift.io false OAuthClient
authentications operator.openshift.io false Authentication
consoles operator.openshift.io false Console
dnses operator.openshift.io false DNS
imagecontentsourcepolicies operator.openshift.io false ImageContentSourcePolicy
ingresscontrollers operator.openshift.io true IngressController
kubeapiservers operator.openshift.io false KubeAPIServer
kubecontrollermanagers operator.openshift.io false KubeControllerManager
kubeschedulers operator.openshift.io false KubeScheduler
networks operator.openshift.io false Network
openshiftapiservers operator.openshift.io false OpenShiftAPIServer
openshiftcontrollermanagers operator.openshift.io false OpenShiftControllerManager
servicecas operator.openshift.io false ServiceCA
servicecatalogapiservers operator.openshift.io false ServiceCatalogAPIServer
servicecatalogcontrollermanagers operator.openshift.io false ServiceCatalogControllerManager
catalogsourceconfigs csc operators.coreos.com true CatalogSourceConfig
catalogsources catsrc operators.coreos.com true CatalogSource
clusterserviceversions csv,csvs operators.coreos.com true ClusterServiceVersion
installplans ip operators.coreos.com true InstallPlan
operatorgroups og operators.coreos.com true OperatorGroup
operatorsources opsrc operators.coreos.com true OperatorSource
subscriptions sub,subs operators.coreos.com true Subscription
packagemanifests packages.operators.coreos.com true PackageManifest
poddisruptionbudgets pdb policy true PodDisruptionBudget
podsecuritypolicies psp policy false PodSecurityPolicy
projectrequests project.openshift.io false ProjectRequest
projects project.openshift.io false Project
appliedclusterresourcequotas quota.openshift.io true AppliedClusterResourceQuota
clusterresourcequotas clusterquota quota.openshift.io false ClusterResourceQuota
clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding
clusterroles rbac.authorization.k8s.io false ClusterRole
rolebindings rbac.authorization.k8s.io true RoleBinding
roles rbac.authorization.k8s.io true Role
routes route.openshift.io true Route
configs samples.operator.openshift.io false Config
priorityclasses pc scheduling.k8s.io false PriorityClass
podsecuritypolicyreviews security.openshift.io true PodSecurityPolicyReview
podsecuritypolicyselfsubjectreviews security.openshift.io true PodSecurityPolicySelfSubjectReview
podsecuritypolicysubjectreviews security.openshift.io true PodSecurityPolicySubjectReview
rangeallocations security.openshift.io false RangeAllocation
securitycontextconstraints scc security.openshift.io false SecurityContextConstraints
csidrivers storage.k8s.io false CSIDriver
csinodes storage.k8s.io false CSINode
storageclasses sc storage.k8s.io false StorageClass
volumeattachments storage.k8s.io false VolumeAttachment
brokertemplateinstances template.openshift.io false BrokerTemplateInstance
processedtemplates template.openshift.io true Template
templateinstances template.openshift.io true TemplateInstance
templates template.openshift.io true Template
tuneds tuned.openshift.io true Tuned
groups user.openshift.io false Group
identities user.openshift.io false Identity
useridentitymappings user.openshift.io false UserIdentityMapping
users user.openshift.io false User
$ oc api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps.openshift.io/v1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
authorization.openshift.io/v1
autoscaling.openshift.io/v1
autoscaling.openshift.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
build.openshift.io/v1
certificates.k8s.io/v1beta1
cloudcredential.openshift.io/v1
config.openshift.io/v1
console.openshift.io/v1
coordination.k8s.io/v1
coordination.k8s.io/v1beta1
events.k8s.io/v1beta1
extensions/v1beta1
healthchecking.openshift.io/v1alpha1
image.openshift.io/v1
imageregistry.operator.openshift.io/v1
ingress.operator.openshift.io/v1
k8s.cni.cncf.io/v1
machine.openshift.io/v1beta1
machineconfiguration.openshift.io/v1
metal3.io/v1alpha1
monitoring.coreos.com/v1
network.openshift.io/v1
networking.k8s.io/v1
networking.k8s.io/v1beta1
node.k8s.io/v1beta1
oauth.openshift.io/v1
operator.openshift.io/v1
operator.openshift.io/v1alpha1
operators.coreos.com/v1
operators.coreos.com/v1alpha1
operators.coreos.com/v1alpha2
operators.coreos.com/v2
packages.operators.coreos.com/v1
policy/v1beta1
project.openshift.io/v1
quota.openshift.io/v1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
route.openshift.io/v1
samples.operator.openshift.io/v1
scheduling.k8s.io/v1
scheduling.k8s.io/v1beta1
security.openshift.io/v1
storage.k8s.io/v1
storage.k8s.io/v1beta1
template.openshift.io/v1
tuned.openshift.io/v1
user.openshift.io/v1
v1
解释K8s对象的API结构
$ oc explain Pod --recursive
$ oc explain pod.spec.affinity
查看K8s对象的API版本
$ oc get --raw /apis/autoscaling/v2beta2
{"kind":"APIResourceList","apiVersion":"v1","groupVersion":"autoscaling/v2beta2","resources":[{"name":"horizontalpodautoscalers","singularName":"","namespaced":true,"kind":"HorizontalPodAutoscaler","verbs":["create","delete","deletecollection","get","list","patch","update","watch"],"shortNames":["hpa"],"categories":["all"],"storageVersionHash":"oQlkt7f5j/A="},{"name":"horizontalpodautoscalers/status","singularName":"","namespaced":true,"kind":"HorizontalPodAutoscaler","verbs":["get","patch","update"]}]}
转换对象API的版本
将pod.yaml转换成最新的对象版本,并打印出来。
$ oc convert -f pod.yaml
获取节点信息
$ oc get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
crc-2n9vw-master-0 Ready master,worker 22d v1.14.6+6ac6aa4b0 192.168.130.11 <none> Red Hat Enterprise Linux CoreOS 42.81.20191119.1 (Ootpa) 4.18.0-147.0.3.el8_1.x86_64 cri-o://1.14.11-0.24.dev.rhaos4.2.gitc41de67.el8
获取当前OpenShift发行版本以及相关Image详细信息
$ oc adm release info --commits
Name: 4.2.8
Digest: sha256:4bf307b98beba4d42da3316464013eac120c6e5a398646863ef92b0e2c621230
Created: 2019-11-21T09:36:15Z
OS/Arch: linux/amd64
Manifests: 324
Metadata files: 4
Pull From: quay.io/openshift-release-dev/ocp-release@sha256:4bf307b98beba4d42da3316464013eac120c6e5a398646863ef92b0e2c621230
Release Metadata:
Version: 4.2.8
Upgrades: 4.1.24, 4.2.0, 4.2.2, 4.2.4, 4.2.7
Metadata:
description:
Metadata:
url: https://access.redhat.com/errata/RHBA-2019:3919
Component Versions:
Kubernetes 1.14.6
Images:
NAME REPO COMMIT
aws-machine-controllers https://github.com/openshift/cluster-api-provider-aws d77b7ae80f23ce511c620f095e8d10844929311c
azure-machine-controllers https://github.com/openshift/cluster-api-provider-azure 719f40a46924bb1a46143a8df291b33ec17075b8
baremetal-installer https://github.com/openshift/installer 425e4ff0037487e32571258640b39f56d5ee5572
baremetal-machine-controllers https://github.com/openshift/cluster-api-provider-baremetal a2a477909c1d518ef7cf28601e5d7db56a4d4069
baremetal-operator https://github.com/openshift/baremetal-operator 7869f83d0e93fdb9c589eaf66b7d459d67b39f83
baremetal-runtimecfg https://github.com/openshift/baremetal-runtimecfg d5bb4c0889ee6c57675def821103f42f6eefcd35
cli https://github.com/openshift/oc 420c3d6212a959907360fb0b6545f2f0ab173271
cli-artifacts https://github.com/openshift/oc 420c3d6212a959907360fb0b6545f2f0ab173271
cloud-credential-operator https://github.com/openshift/cloud-credential-operator b905f49fd022cdc6674a85fa4bcf0f423128831b
cluster-authentication-operator https://github.com/openshift/cluster-authentication-operator 64fc3691e84c60d7e395c9f3c7d1653bcbe78604
cluster-autoscaler https://github.com/openshift/kubernetes-autoscaler c44b83dacbdd3dc6bc051c96a1b0d6f6865c685b
cluster-autoscaler-operator https://github.com/openshift/cluster-autoscaler-operator 045aea45264c5d47ccfdc924906f43a016eab169
cluster-bootstrap https://github.com/openshift/cluster-bootstrap 106f76b4d183cc24e58d26b3b57b2bf1e2362a9d
cluster-config-operator https://github.com/openshift/cluster-config-operator 7e4895c7e79826566b0bcfab724b8b21cecc597d
cluster-dns-operator https://github.com/openshift/cluster-dns-operator b751e751a3a421a3039eeb25b2859dc5f17cc679
cluster-image-registry-operator https://github.com/openshift/cluster-image-registry-operator 8743c75acda13f0033002d897129d7756b92d655
cluster-ingress-operator https://github.com/openshift/cluster-ingress-operator 2a6afceeef9e96bf586bcc8effe57c7e45c3ecd0
cluster-kube-apiserver-operator https://github.com/openshift/cluster-kube-apiserver-operator 2515807cd5baf006944df47595deaba12a3a08e5
cluster-kube-controller-manager-operator https://github.com/openshift/cluster-kube-controller-manager-operator 1525b57ebafdec3d15886ec47e4efa5bfeb34e69
cluster-kube-scheduler-operator https://github.com/openshift/cluster-kube-scheduler-operator a42fcb7538e6fecad9278d650b04aced7c4e88be
cluster-machine-approver https://github.com/openshift/cluster-machine-approver a4a28b0e09ea04592319782a9fb9398aa9569934
cluster-monitoring-operator https://github.com/openshift/cluster-monitoring-operator 7e2d7841ff7ba5532c9662cba1b1103b04bf3990
cluster-network-operator https://github.com/openshift/cluster-network-operator 63b0cb389ac17cfcaabd77b957d5b0d9287842b1
cluster-node-tuned https://github.com/openshift/openshift-tuned eeaa972122468e5521344d3d88e18565f308c304
cluster-node-tuning-operator https://github.com/openshift/cluster-node-tuning-operator 02247d0c731236178aa228816e03ee4357c67de9
cluster-openshift-apiserver-operator https://github.com/openshift/cluster-openshift-apiserver-operator 76ae60eb1baa4496a5097c3be282873f99ea70d3
cluster-openshift-controller-manager-operator https://github.com/openshift/cluster-openshift-controller-manager-operator 377cff19428838c0b2c4fbde762e535471922a92
cluster-samples-operator https://github.com/openshift/cluster-samples-operator 533c9993c23611f26a3d26aecef037b93547e2f9
cluster-storage-operator https://github.com/openshift/cluster-storage-operator 7c627a01ca2b85f5dfdd901950398c697e3c87e9
cluster-svcat-apiserver-operator https://github.com/openshift/cluster-svcat-apiserver-operator f8b8b5b355d0b525d25600fe8713297be0a3e8bf
cluster-svcat-controller-manager-operator https://github.com/openshift/cluster-svcat-controller-manager-operator 9ef3f62c4b3d7b824c9b0b86c2081d694faff5ea
cluster-update-keys https://github.com/openshift/cluster-update-keys cca4ce696383e70ae669e770bd63265a9540b721
cluster-version-operator https://github.com/openshift/cluster-version-operator e5e468961b5fd687f65844d511690d7ed0046447
configmap-reloader https://github.com/openshift/configmap-reload 841b0bfe743999fcc9b0528ea689f728eb92aee7
console https://github.com/openshift/console cbd9bbd69dbca55b17f019eea4e7332f2b40cf0b
console-operator https://github.com/openshift/console-operator d6f670515cab5f7e4b56c161aad47515ad6a45f8
container-networking-plugins https://github.com/openshift/containernetworking-plugins b5e1059a79397ef886a8047cb4c61919c787f5f5
coredns https://github.com/openshift/coredns 51569b24b4a92d6d8df2020c2e8e2866c5e78266
deployer https://github.com/openshift/oc 420c3d6212a959907360fb0b6545f2f0ab173271
docker-builder https://github.com/openshift/builder 2f99856fb715f9ae1584a996ddef0770d3952167
docker-registry https://github.com/openshift/image-registry e3d24d9b1b9719423109805e93a82285db761827
etcd https://github.com/openshift/etcd 3ebe3d9fa2302e5ae4712781caac61fc12d5f7f9
gcp-machine-controllers https://github.com/openshift/cluster-api-provider-gcp 602750a8c1762faf052124fc400b9342514ed8f3
grafana https://github.com/openshift/grafana 91b439eee0cf1ac742ef63cf2a8f7fc9ea3e1432
haproxy-router https://github.com/openshift/router 9072754a0a4c311b0e5ac8a9707e692a9b4f7156
hyperkube https://github.com/openshift/ose 6ac6aa4b0fce97d28a292927555522f60291782b
insights-operator https://github.com/openshift/insights-operator 27768551b735b1cd6a4c9363db8b71a2a2b5c471
installer https://github.com/openshift/installer 425e4ff0037487e32571258640b39f56d5ee5572
installer-artifacts https://github.com/openshift/installer 425e4ff0037487e32571258640b39f56d5ee5572
ironic https://github.com/openshift/ironic-image 246346b5f7fb8f871ab61f6a49f820f84bda9d2f
ironic-inspector https://github.com/openshift/ironic-inspector-image b83630cefa1a72b2d8ce03c9701acb4f117ab6f5
ironic-ipa-downloader https://github.com/openshift/ironic-ipa-downloader b1a144985e413d0c7f3d66bf8f47ecf14e8d617d
ironic-rhcos-downloader https://github.com/openshift/ironic-rhcos-downloader 93c9e1c5cf83e25487933e46d5aadbe1c68dfea5
ironic-static-ip-manager https://github.com/openshift/ironic-static-ip-manager e33314bda6f366472a2371c5598ff2d7dba111c8
jenkins https://github.com/openshift/jenkins e13fbe9ff385ff29f7627aecbfb0727bbfe2d565
jenkins-agent-maven https://github.com/openshift/jenkins e13fbe9ff385ff29f7627aecbfb0727bbfe2d565
jenkins-agent-nodejs https://github.com/openshift/jenkins e13fbe9ff385ff29f7627aecbfb0727bbfe2d565
k8s-prometheus-adapter https://github.com/openshift/k8s-prometheus-adapter 9c5a42a3fb4bd2adfa24fc10292a36becc669e1e
keepalived-ipfailover https://github.com/openshift/images 1be922de56a99f4e254eb9c2fc42d30e5596cf77
kube-client-agent https://github.com/openshift/kubecsr 227189dae8e64eca5ad13a8bb96df8d8d5502f35
kube-etcd-signer-server https://github.com/openshift/kubecsr 227189dae8e64eca5ad13a8bb96df8d8d5502f35
kube-proxy https://github.com/openshift/sdn a8140cc16f57414529bde1d8a010ec6a4292bead
kube-rbac-proxy https://github.com/openshift/kube-rbac-proxy 2658b2444b9992ea474177c73ca9f40f68f04304
kube-state-metrics https://github.com/openshift/kube-state-metrics 07b29740ca81f5ddf527b8eb700247f7be4474a8
kuryr-cni https://github.com/openshift/kuryr-kubernetes 87d0a1bf2af11636cef2089f4e575a1fbb5db6af
kuryr-controller https://github.com/openshift/kuryr-kubernetes 87d0a1bf2af11636cef2089f4e575a1fbb5db6af
libvirt-machine-controllers https://github.com/openshift/cluster-api-provider-libvirt 8bf0d9472acb65f1c5134d847f6a5f7e5258a5b3
local-storage-static-provisioner https://github.com/openshift/sig-storage-local-static-provisioner da340b475eb847c17cefe2f2f9bf9be1a3382d4a
machine-api-operator https://github.com/openshift/machine-api-operator 474e14e4965a8c5e6788417c851ccc7fad1acb3a
machine-config-operator https://github.com/openshift/machine-config-operator 55bb5fc17da0c3d76e4ee6a55732f0cba93e8520
machine-os-content
mdns-publisher https://github.com/openshift/mdns-publisher b02f19c5243c9a3ef41eafc41e9d90a24adc0f60
multus-admission-controller https://github.com/openshift/multus-admission-controller ccd6c61c10aaa02c31a2053a1a6ac587cee6abb6
multus-cni https://github.com/openshift/multus-cni d3a1815632cc3e1c7beb10165f960b4708d097fa
must-gather https://github.com/openshift/must-gather 318faeffd87d70d6727fd4cb30da28aab7c87da3
node https://github.com/openshift/sdn a8140cc16f57414529bde1d8a010ec6a4292bead
oauth-proxy https://github.com/openshift/oauth-proxy 104fe17337fb627194e0848d2907a73016fef000
oauth-server https://github.com/openshift/oauth-server 3ac077fa8097fb851532453fa6e772e1dcfcb3bb
openshift-apiserver https://github.com/openshift/openshift-apiserver 55d971b2b5aa43b2ae45fed148cf73c149ca79a7
openshift-controller-manager https://github.com/openshift/openshift-controller-manager 76900b07c76cb81079d1421ac650c0d04c69a48f
openshift-state-metrics https://github.com/openshift/openshift-state-metrics c01d2de651071389d2621c46e934fd9cb2bf4b8d
openstack-machine-controllers https://github.com/openshift/cluster-api-provider-openstack 52a3e249a7053149b08374fd989fd5543d3bdcbd
operator-lifecycle-manager https://github.com/operator-framework/operator-lifecycle-manager 34c5c301b63d0d086ea5aa3153bb6c876ecd7ea8
operator-marketplace https://github.com/operator-framework/operator-marketplace 906bffd1dea6464efd9d73d42f03d411ef6cb158
operator-registry https://github.com/operator-framework/operator-registry 98ebd3400de159c019b864c6ef7c17eb426d9698
ovn-kubernetes https://github.com/openshift/ovn-kubernetes 2838bf96025aa08e0472c016294ce425b2ff15df
pod https://github.com/openshift/images 1be922de56a99f4e254eb9c2fc42d30e5596cf77
prom-label-proxy https://github.com/openshift/prom-label-proxy dd9a418af5835ddb1a5181ae6f1303f86d8b1ef3
prometheus https://github.com/openshift/prometheus 52650c0fd84e82e20b5dcfa283c69a9e7ada16cb
prometheus-alertmanager https://github.com/openshift/prometheus-alertmanager 6858fa0f51a7d37db0bb7ff7497aaeef3333f18b
prometheus-config-reloader https://github.com/openshift/prometheus-operator 38109e45e3a6de5243de6ec45067402b67726c95
prometheus-node-exporter https://github.com/openshift/node_exporter 177a938ce401c3928a025fc1fd2ea1ca0ce1c230
prometheus-operator https://github.com/openshift/prometheus-operator 38109e45e3a6de5243de6ec45067402b67726c95
sdn-controller https://github.com/openshift/sdn a8140cc16f57414529bde1d8a010ec6a4292bead
service-ca-operator https://github.com/openshift/service-ca-operator f6720573b9b63147436374e51e6fda44683b1e9f
service-catalog https://github.com/openshift/service-catalog 7d8b2a29d2e6f1daa81b9b788c944f07cf3513e1
telemeter https://github.com/openshift/telemeter 3308c2642bfb673cb6bb61d8e120436675c06c13
tests https://github.com/openshift/ose 6ac6aa4b0fce97d28a292927555522f60291782b
列出节点运行的所有Pod
$ oc describe node <NODENAME>
删除一个应用所有相关对象
$ oc delete all --selector app=<APP-NAME> -o name
查看Pod/Image/ImageStream/Node使用资源排名
$ oc adm top images
$ oc adm top imagestreams
以下需要新安装OpenShift的metrics功能
$ oc adm top pod
$ oc adm top node
列出Pod中的Container名称
$ oc get pods -o jsonpath="{.items[*].spec.containers[*].name}" -l app=**POD-NAME**
删除已经完成的Pod
$ oc delete pod --field-selector=status.phase==Succeeded --all-namespaces
列出集群中存储的所有容器
$ for node in $(oc get nodes -o name);do oc debug ${node} -- chroot /host sh -c 'crictl images -o json' 2>/dev/null | jq -r .images[].repoTags[]; done | sort -u
列出PROJECT中包含的所有类型对象
$ oc api-resources --verbs=list --namespaced -o name | xargs -n 1 oc get --show-kind --ignore-not-found -n <PROJECT>
将要创建的应用对象生成YAML文件
使用“–dry-run”+“-o yaml”的组合,可以生成需要创建的对象YAML文件。注意:部分命令的“–dry-run=true”已经被“–dry-run=client”替换了,可以查看命令参数确认到底使用哪个。
$ oc new-app https://github.com/openshift/ruby-hello-world -o yaml> myapp.yaml
$ vi myapp.yaml
$ oc create -f myapp.yaml
$ oc create deployment --image=nginx nginx --dry-run=client -o yaml > nginx-deployment.yaml
$ vi nginx-deployment
$ oc create -f nginx-deployment
部署包含2个Container的Pod应用
$ oc new-app nginx+mysql
$ oc new-app \
ruby~https://github.com/openshift/ruby-hello-world \
mysql \
--group=ruby+mysql
导出项目中的K8s对象资源
$ projects=$(oc get projects --output=jsonpath={.items..metadata.name})
$ for project in $projects; do
echo "exporting project $project"
oc get --export deploymentconfigs,routes,svc,pvc,buildconfigs,secrets,configmap -n $project -o yaml > $project.yaml
done
关闭/开启OpenShift集群更新后节点自动重启
- 关闭升级后节点自动重启功能
oc patch --type=merge --patch='{"spec":{"paused":true}}' machineconfigpool/master
oc patch --type=merge --patch='{"spec":{"paused":true}}' machineconfigpool/worker
- 打开升级后节点自动重启功能(OpenShift的缺省配置)
oc patch --type=merge --patch='{"spec":{"paused":false}}' machineconfigpool/master
oc patch --type=merge --patch='{"spec":{"paused":false}}' machineconfigpool/worker
更新新的pull-secret
oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=pull-secret.txt
使用custom-columns
oc get pod -o custom-columns=PROJECT:metadata.namespace -n openshift-apiserver
按照过滤条件查找对象
oc get pods --field-selector status.phase=Running
oc get pods --field-selector status.podIP=10.131.0.92,status.phase=Running
获取对象的特定 annotations 内容
occget pods tmp -o go-template=$‘{{index .metadata.annotations “kubernetes.io/created-by”}}\n’
删除用户
$ oc get user
NAME UID FULL NAME IDENTITIES
admin 45b18d2b-43b9-4890-b3a9-b6ebe3e904fc htpasswd_provider:admin
admin1 75b708dc-9f51-4a2e-b98a-794dce368ab8 htpasswd_provider:admin1
admin2 4d58c172-3505-4ce8-b19c-b15928376367 htpasswd_provider:admin2
admin3 60b0306f-039c-4f21-b564-08c97d3f147a htpasswd_provider:admin3
admin4 0245b027-f0ca-49cd-8869-de4e0bfa1a57 htpasswd_provider:admin4
admin6 5305dcb5-2fc6-4628-ab3a-c71fac9c44fd htpasswd_provider:admin6
admin7 9394b659-1eb3-4eaf-b1c3-5efc0cd625cc htpasswd_provider:admin7
user1 2d01103f-86f0-4c65-85a0-2b02d3136ce6 htpasswd_provider:user1
$ oc get identity
NAME IDP NAME IDP USER NAME USER NAME USER UID
htpasswd_provider:admin htpasswd_provider admin admin 45b18d2b-43b9-4890-b3a9-b6ebe3e904fc
htpasswd_provider:admin1 htpasswd_provider admin1 admin1 75b708dc-9f51-4a2e-b98a-794dce368ab8
htpasswd_provider:admin2 htpasswd_provider admin2 admin2 4d58c172-3505-4ce8-b19c-b15928376367
htpasswd_provider:admin3 htpasswd_provider admin3 admin3 60b0306f-039c-4f21-b564-08c97d3f147a
htpasswd_provider:admin4 htpasswd_provider admin4 admin4 0245b027-f0ca-49cd-8869-de4e0bfa1a57
htpasswd_provider:admin6 htpasswd_provider admin6 admin6 5305dcb5-2fc6-4628-ab3a-c71fac9c44fd
htpasswd_provider:admin7 htpasswd_provider admin7 admin7 9394b659-1eb3-4eaf-b1c3-5efc0cd625cc
htpasswd_provider:user1 htpasswd_provider user1 user1 2d01103f-86f0-4c65-85a0-2b02d3136ce6
$ oc delete user admin7
$ oc delete identity htpasswd_provider:admin7
根据json查找所有项目里的pvc
$ oc get pvc --all-namespaces -o json | jq -r ' .items[] | [.metadata.namespace,.metadata.name,.status.capacity.storage|tostring]|@csv'
"ci-cd","jenkins","5Gi"
"openshift-image-registry","pvc-ocp-registry","100Gi"
"openshift-image-registry","pvc-registry","100Gi"
"pv-demo","pvc-busybox","500Mi"
从secret中获取证书
$ oc get secret console-serving-cert -n openshift-console -o json | jq -r '.data."tls.crt"' | base64 -d > foo.pem
$ openssl crl2pkcs7 -nocrl -certfile foo.pem | openssl pkcs7 -print_certs -noout
subject=/CN=console.openshift-console.svc
issuer=/CN=openshift-service-serving-signer@1620997728
subject=/CN=openshift-service-serving-signer@1620997728
issuer=/CN=openshift-service-serving-signer@1620997728
查看master证书
$ oc whoami --show-server
https://api.ocp4-1.example.com:6443
$ echo -n | openssl s_client -connect api.ocp4-1.example.com:6443 -servername api.ocp4-1.example.com:6443 2>/dev/null | openssl x509 -noout -subject -issuer
subject= /CN=172.30.0.1
issuer= /OU=openshift/CN=kube-apiserver-service-network-signer
查看OperatorHub中所有可用Operator
$ oc get packagemanifest -n openshift-marketplace
NAME CATALOG AGE
here-service-operator-certified Certified Operators 8h
cic-operator-with-crds Certified Operators 8h
minio-operator Certified Operators 8h
openshift-gitops-operator Red Hat Operators 8h
atomicorp-helm-operator-certified-rhmp Red Hat Marketplace 8h
ansible-automation-platform-operator Red Hat Operators 8h
apicast-operator Red Hat Operators 8h
servicemeshoperator Red Hat Operators 8h
percona-server-mongodb-operator-certified Certified Operators 8h
robin-storage-trial-rhmp Red Hat Marketplace 8h
varnish-operator Community Operators 8h
lib-bucket-provisioner Community Operators 8h
vertical-pod-autoscaler Red Hat Operators 8h
web-terminal Red Hat Operators 8h
...
导出指定Kubernetes对象资源
$ oc new-project test
$ oc new-app --image=quay.io/dawnskyliu/hello-openshift
$ oc adm inspect deployment/hello-openshift -n test --dest-dir=./test-deployment
Wrote inspect data to ./test-deployment.
$ tree ./test-deployment/
./test-deployment/
|-- event-filter.html
|-- namespaces
| `-- test
| `-- apps
| `-- deployments
| `-- hello-openshift.yaml
`-- timestamp
$ oc adm inspect ns/test --dest-dir=./test-project
Gathering data for ns/test...
Wrote inspect data to ./test-project.
$ tree ./test-project/
./test-project/
|-- event-filter.html
|-- namespaces
| `-- test
| |-- apps
| | |-- daemonsets.yaml
| | |-- deployments.yaml
| | |-- replicasets.yaml
| | `-- statefulsets.yaml
| |-- apps.openshift.io
| | `-- deploymentconfigs.yaml
| |-- autoscaling
| | `-- horizontalpodautoscalers.yaml
| |-- batch
| | |-- cronjobs.yaml
| | `-- jobs.yaml
| |-- build.openshift.io
| | |-- buildconfigs.yaml
| | `-- builds.yaml
| |-- core
| | |-- configmaps.yaml
| | |-- endpoints.yaml
| | |-- events.yaml
| | |-- persistentvolumeclaims.yaml
| | |-- pods.yaml
| | |-- replicationcontrollers.yaml
| | |-- secrets.yaml
| | `-- services.yaml
| |-- discovery.k8s.io
| | `-- endpointslices.yaml
| |-- image.openshift.io
| | `-- imagestreams.yaml
| |-- pods
| | `-- hello-openshift-6498d9b75d-52rzv
| | |-- hello-openshift
| | | `-- hello-openshift
| | | `-- logs
| | | |-- current.log
| | | |-- previous.insecure.log
| | | `-- previous.log
| | `-- hello-openshift-6498d9b75d-52rzv.yaml
| |-- policy
| | `-- poddisruptionbudgets.yaml
| |-- route.openshift.io
| | `-- routes.yaml
| `-- test.yaml
`-- timestamp
kubectl 命令示例
https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands
2103
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
