Kubernetes 命令
一 kuberctl
1 查看命名空间中的资源
kubectl get pods --namespace kube-system
2 查看命名空间的描述
kubectl describe ns kube-system
Name: kube-system
Labels: kubernetes.io/metadata.name=kube-system
Annotations: <none>
Status: Active
No resource quota.
No LimitRange resource.
3 describe pod 查看pod的相关信息
kubectl describe pods kube-flannel-ds-amd64-zqs6k --namespace kube-system
4 describe node
kubectl describe node k8s-master1
5 获取dashboard的相关信息
kubectl get pods,svc -n kubernetes-dashboard
6 获取所有的命名空间
kubectl get pods --all-namespaces
7 直接删除命名空间
kubectl delete namespaces kubernetes-dashboard
8 删除命名空间中的节点
--force 强制
kubectl delete pods kube-flannel-ds-amd64-x9hg9 -n kube-system --force
9 访问命名空间
curl --insecure https://192.168.56.200:6443/api/v1/kube-system
10.1 查看需要授权证书的节点
[root@k8s-master logs]# kubectl get csr
NAME AGE SIGNERNAME REQUESTOR REQUESTEDDURATION CONDITION
node-csr-tsic3mMf63p3vsp_7fZDJ_OrdLPNu0I1B8Z82kGzblQ 17h kubernetes.io/kube-apiserver-client-kubelet kubelet-bootstrap <none> Approved
10.2 已经授权的证书无法在deny,但可以通过delete来进行删除操作
[root@k8s-master logs]# kubectl get csr
NAME AGE SIGNERNAME REQUESTOR REQUESTEDDURATION CONDITION
node-csr-tsic3mMf63p3vsp_7fZDJ_OrdLPNu0I1B8Z82kGzblQ 17h kubernetes.io/kube-apiserver-client-kubelet kubelet-bootstrap <none> Approved
#已经授权的证书无法在deny,但可以通过delete来进行删除操作
[root@k8s-master logs]# kubectl delete csr node-csr-tsic3mMf63p3vsp_7fZDJ_OrdLPNu0I1B8Z82kGzblQ
certificatesigningrequest.certificates.k8s.io "node-csr-tsic3mMf63p3vsp_7fZDJ_OrdLPNu0I1B8Z82kGzblQ" deleted
[root@k8s-master logs]# kubectl get cs
Warning: v1 ComponentStatus is deprecated in v1.19+
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
etcd-0 Healthy {"health":"true","reason":""}
controller-manager Healthy ok
[root@k8s-master logs]# kubectl get csr
NAME AGE SIGNERNAME REQUESTOR REQUESTEDDURATION CONDITION
node-csr-tsic3mMf63p3vsp_7fZDJ_OrdLPNu0I1B8Z82kGzblQ 4s kubernetes.io/kube-apiserver-client-kubelet kubelet-bootstrap <none> Pending
二 Deployment 应用
1 Pod 容器的集合,通常将紧密相关的一组容器放到一个pod中,同一个pod中的所有容器共享IP地址和
Port空间,它们在一个network namespace中
2 k8s部署一个应用
kubectl run 命名 --image=docker.io/kubernetes-bootcamp:v1 --port=8080
默认情况下,所有pod只能在集群内部访问,为了能够从外部访问,需要将容器的8080端口映射到节点的端口
kubectl expose deployment/kubernetes-bootcamp --type=“NodePort” --port 8080
3 k8s获取端口映射
kubectl get services
curl 主机名:映射的端口
4 k8s获取副本数
kubectl get deployments
5 scale
k8s将副本数增加到3个
kubectl scale deployments/kubernetes-bootcamp --replicas=3
[root@k8s-master1 package]# kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-deployment 1/3 3 1 2d4h
[root@k8s-master1 package]# kubectl delete deployments/nginx-deployment
deployment.apps "nginx-deployment" deleted
6 k8s删除一个副本
kubectl scale deployments/kubernetes-bootcamp --replicas=2
kubectl get deployments
kubectl get pods
7 滚动更新
kubectl set image deployments/kubernetes-bootcamp \
kubernetes-bootcamp=jocatalin/kubernetes-bootcamp:v2
8 回退到v1版本
kubectl rellout undo deployments/kubernetes-bootcamp
验证 curl 主机名:映射的端口
9 获取某一概念的帮助
kubectl explain deloyment
10 kubectl edit查看 集群中当前运行的资源
[root@k8s-master1 cfg]# kubectl edit deployment nginx-deployment
#Please edit the object below. Lines beginning with a '#' will be ignored,
#and an empty file will abort the edit. If an error occurs while saving this file will be
#reopened with the relevant failures.
#
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"nginx"},"name":"nginx-deployment","namespace":"default"},"spec":{"replicas":2,"selector":{"matchLabels":{"app":"nginx"}},"template":{"metadata":{"labels":{"app":"nginx"}},"spec":{"containers":[{"image":"nginx:stable","name":"nginx","ports":[{"containerPort":80}]}]}}}}
creationTimestamp: "2021-09-06T07:07:49Z"
generation: 1
labels:
app: nginx
name: nginx-deployment
namespace: default
resourceVersion: "117504"
uid: 7c4a2831-edcb-4db9-85f8-b557ee2debd7
spec:
progressDeadlineSeconds: 600
replicas: 2
revisionHistoryLimit: 10
selector:
matchLabels:
app: nginx
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
app: nginx
spec:
containers:
- image: nginx:stable
imagePullPolicy: IfNotPresent
name: nginx
ports:
- containerPort: 80
protocol: TCP
resources: {}