| 兩邊的前次修訂版 前次修改
下次修改 | 前次修改
|
| tech:kubectl [2020/12/22 12:29] – jonathan | tech:kubectl [2023/02/04 16:47] (目前版本) – jonathan |
|---|
| | ====== Kubectl 語法整理 ====== |
| | |
| | ===== 指定特別 kubeconf 檔方式 ===== |
| | * Exp. kubeconf 檔案存放在 /iiidevops/kube-config/config |
| | * <cli>kubectl --kubeconfig /iiidevops/kube-config/config get pod</cli> |
| | |
| | ===== 檢查 K8s Cluster 的健康狀態 ===== |
| | * 參考 - https://stackoverflow.com/questions/54882727/kubectl-using-command-to-get-cluster-status |
| | * <cli>kubectl get componentstatus</cli>結果類似以下訊息:<cli> |
| | $ kubectl get componentstatus |
| | NAME STATUS MESSAGE ERROR |
| | controller-manager Healthy ok |
| | scheduler Healthy ok |
| | etcd-0 Healthy {"health":"true"} |
| | </cli> |
| | |
| | ===== 讀取 K8s Cluster Name 的方式 ===== |
| | * 參考 - https://stackoverflow.com/questions/38242062/how-to-get-kubernetes-cluster-name-from-k8s-api |
| | * 方法1 <cli>kubectl config current-context</cli>結果:<cli> |
| | rkeuser@devops2:~$ kubectl config current-context |
| | iiidevops-k8s |
| | </cli> |
| | * 方法2 <cli>kubectl config view</cli>結果:<cli> |
| | rkeuser@devops2:~$ kubectl config view |
| | apiVersion: v1 |
| | clusters: |
| | - cluster: |
| | certificate-authority-data: DATA+OMITTED |
| | server: https://172.16.0.172:6443 |
| | name: iiidevops-k8s |
| | contexts: |
| | - context: |
| | cluster: iiidevops-k8s |
| | user: kube-admin-iiidevops-k8s |
| | name: iiidevops-k8s |
| | current-context: iiidevops-k8s |
| | kind: Config |
| | preferences: {} |
| | users: |
| | - name: kube-admin-iiidevops-k8s |
| | user: |
| | client-certificate-data: REDACTED |
| | client-key-data: REDACTED |
| | </cli> |
| | |
| | ===== 顯示 K8s 內的 POD 清單 ===== |
| | * <cli>kubectl get pod</cli> Exp.<cli> |
| | localadmin@iiidevops-73:~$ kubectl get pod |
| | NAME READY STATUS RESTARTS AGE |
| | devopsapi-dbbcf7fd4-j5nv2 1/1 Running 0 36m |
| | devopsdb-5555449b8d-rd2z9 1/1 Running 0 37m |
| | devopsui-84496c7fcc-bd99r 1/1 Running 0 126m |
| | redmine-547cbdbbbb-wk9s6 1/1 Running 1 17h |
| | redmine-postgresql-6fb9475c6c-gs9gh 1/1 Running 0 17h |
| | sonarqube-server-6ccbf4c54f-vksmp 1/1 Running 0 17h |
| | </cli> |
| | * 加上 -n 參數 指定所要查詢的 namespace 內 pod 清單 <cli>kubectl get pod -n kube-system</cli> Exp.<cli> |
| | $ kubectl get pod -n kube-system |
| | NAME READY STATUS RESTARTS AGE |
| | calico-kube-controllers-c955d588c-kcm7r 1/1 Running 2 36h |
| | calico-node-sghsm 1/1 Running 2 36h |
| | : |
| | rke-metrics-addon-deploy-job-dhjbl 0/1 Completed 0 36h |
| | rke-network-plugin-deploy-job-6vzqh 0/1 Completed 0 36h |
| | </cli> |
| | |
| | * 加上 -A 參數可呈現所有 namespace 的 pod 清單 <cli>kubectl get pod -A</cli> Exp.<cli> |
| | localadmin@iiidevops-hv-2:~$ kubectl get pod -A |
| | NAMESPACE NAME READY STATUS RESTARTS AGE |
| | cattle-pipeline registry-proxy-96bbj 1/1 Running 0 40m |
| | cattle-system cattle-cluster-agent-7d569b986c-57485 1/1 Running 0 145m |
| | : |
| | kube-system rke-metrics-addon-deploy-job-tb2sn 0/1 Completed 0 146m |
| | kube-system rke-network-plugin-deploy-job-pcgss 0/1 Completed 0 146m |
| | p-8kvwh-pipeline docker-registry-57fbddc6cc-ch9cw 1/1 Running 0 40m |
| | p-8kvwh-pipeline jenkins-f4d6b89cb-h8554 1/1 Running 0 40m |
| | p-8kvwh-pipeline minio-5ccb99b5c7-kp9lc 1/1 Running 0 40m |
| | </cli> |
| | |
| | ===== 顯示 K8s 內 POD 的 logs ===== |
| | * <cli>kubectl logs [pod NAME]</cli> Exp. <cli> |
| | localadmin@iiidevops-73:~$ kubectl logs redmine-547cbdbbbb-wk9s6 | tail -20 |
| | I, [2020-12-21T10:47:03.089762 #1] INFO -- : Rendered enumerations/_form.html.erb (2.8ms) |
| | I, [2020-12-21T10:47:03.090267 #1] INFO -- : Rendered enumerations/new.html.erb within layouts/admin (4.2ms) |
| | I, [2020-12-21T10:47:03.095432 #1] INFO -- : Rendered admin/_menu.html.erb (4.9ms) |
| | I, [2020-12-21T10:47:03.095745 #1] INFO -- : Rendering layouts/base.html.erb |
| | I, [2020-12-21T10:47:03.107140 #1] INFO -- : Rendered layouts/base.html.erb (11.3ms) |
| | I, [2020-12-21T10:47:03.107464 #1] INFO -- : Completed 200 OK in 32ms (Views: 19.9ms | ActiveRecord: 5.8ms) |
| | I, [2020-12-21T10:47:05.101236 #1] INFO -- : Started POST "/enumerations" for 10.20.0.74 at 2020-12-21 10:47:05 +0000 |
| | I, [2020-12-21T10:47:05.102407 #1] INFO -- : Processing by EnumerationsController#create as HTML |
| | I, [2020-12-21T10:47:05.102487 #1] INFO -- : Parameters: {"utf8"=>"✓", "authenticity_token"=>"wRaItdciacpkIjcxxxxxxxxxxrdQWdKf66WuZPq6AGAIQyK9BLeuyOlyKODKQedaCNdAoADOadTy+3UH4mTeg==", "enumeration"=>{"type"=>"IssuePriority", "name"=>"Low", "active"=>"1", "is_default"=>"0"}, "commit"=>"Create"} |
| | I, [2020-12-21T10:47:05.112128 #1] INFO -- : Current user: admin (id=1) |
| | I, [2020-12-21T10:47:05.192218 #1] INFO -- : Redirected to http://10.20.0.74:32748/enumerations |
| | I, [2020-12-21T10:47:05.192469 #1] INFO -- : Completed 302 Found in 90ms (ActiveRecord: 17.5ms) |
| | 10.20.0.74 - - [21/Dec/2020:10:47:05 UTC] "POST /enumerations HTTP/1.1" 302 102 |
| | http://10.20.0.74:32748/enumerations/new?type=IssuePriority -> /enumerations |
| | 10.20.0.74 - - [21/Dec/2020:10:47:05 UTC] "GET /enumerations HTTP/1.1" 200 8526 |
| | http://10.20.0.74:32748/enumerations/new?type=IssuePriority -> /enumerations |
| | 10.20.0.74 - - [22/Dec/2020:02:21:47 UTC] "GET /users/current.json HTTP/1.1" 200 253 |
| | - -> /users/current.json |
| | 10.20.0.74 - - [22/Dec/2020:02:21:47 UTC] "GET /users.json?offset=0&limit=25&key=d64c31axxxxxxxxxxd085fc5825ec257b31a3ec7 HTTP/1.1" 200 230 |
| | - -> /users.json?offset=0&limit=25&key=d64c31aff3xxxxxxxxxx5fc5825ec257b31a3ec7 |
| | |
| | </cli> |
| | |
| | ===== 顯示 K8s 內 POD 的描述資訊 ===== |
| | * <cli>kubectl describe pod [pod NAME]</cli> Exp. <cli> |
| | localadmin@iiidevops-71:~/deploy-devops$ kubectl describe pod devopsapi-cdccbcb48-qv4n9 |
| | Name: devopsapi-cdccbcb48-qv4n9 |
| | Namespace: default |
| | Priority: 0 |
| | Node: iiidevops-72/10.20.0.72 |
| | Start Time: Thu, 24 Dec 2020 06:27:37 +0000 |
| | Labels: app=devopsapi |
| | pod-template-hash=cdccbcb48 |
| | : |
| | : |
| | Normal Pulling 15s (x2 over 38s) kubelet Pulling image "iiiorg/devops-api:develop" |
| | Warning Failed 11s (x2 over 34s) kubelet Failed to pull image "iiiorg/devops-api:develop": rpc error: code = Unknown desc = Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit |
| | Warning Failed 11s (x2 over 34s) kubelet Error: ErrImagePull |
| | </cli> |
| | ===== 進入一個 POD 內操作 ===== |
| | * <cli>kubectl exec -it [POD Name] -- bash</cli> Exp.<cli> |
| | localadmin@iiidevops-hv-2:~$ kubectl exec -it devopsapi-74c78bb4c8-77phj -- bash |
| | root@devopsapi-74c78bb4c8-77phj:/usr/src/app# ls -lt |
| | total 76 |
| | drwxr-xr-x 1 root root 4096 Jan 23 08:18 apis |
| | drwxrwxrwx 2 root root 4096 Jan 23 08:18 logs |
| | -rw-r--r-- 1 root root 41 Jan 22 22:15 git_commit |
| | -rwxr-xr-x 1 root root 435 Jan 22 22:15 Dockerfile |
| | -rwxr-xr-x 1 root root 11357 Jan 22 22:15 LICENSE |
| | -rwxr-xr-x 1 root root 878 Jan 22 22:15 README.md |
| | -rwxr-xr-x 1 root root 1994 Jan 22 22:15 _alembic.ini |
| | : |
| | : |
| | -rwxr-xr-x 1 root root 3133 Jan 22 22:15 k8s_config |
| | root@devopsapi-c9ddc8cdf-mrb9f:/usr/src/app# |
| | </cli> |
| | * 如果要進入不同 namespace 的 pod 操作就需要加上 --namespace="xxx" 的參數 Exp.<cli> |
| | localadmin@iiidevops-hv-2:~$ kubectl exec -it --namespace="p-8kvwh-pipeline" minio-5ccb99b5c7-kp9lc -- traceroute 172.17.13.183 |
| | traceroute to 172.17.13.183 (172.17.13.183), 30 hops max, 46 byte packets |
| | 1 172-17-13-183.kubernetes.default.svc.cluster.local (172.17.13.183) 0.007 ms 0.009 ms 0.007 ms |
| | </cli> |
| | |
| | ===== 顯示 K8s 內的 deploy 清單 ===== |
| | * <cli>kubctl get deploy</cli> Exp.<cli> |
| | localadmin@iiidevops-73:~$ kubectl get deploy |
| | NAME READY UP-TO-DATE AVAILABLE AGE |
| | devopsapi 1/1 1 1 17h |
| | devopsdb 1/1 1 1 37m |
| | devopsui 1/1 1 1 17h |
| | redmine 1/1 1 1 17h |
| | redmine-postgresql 1/1 1 1 17h |
| | sonarqube-server 1/1 1 1 17h |
| | </cli> |
| | |
| | ===== 移除 K8s 內的 deploy pod ===== |
| | * <cli>kubctl delete deploy [deploy NAME]</cli> Exp.<cli> |
| | localadmin@iiidevops-73:~$ kubectl delete deploy devopsui devopsdb devopsapi |
| | deployment.apps "devopsui" deleted |
| | deployment.apps "devopsdb" deleted |
| | deployment.apps "devopsapi" deleted |
| | </cli> |
| | |
| | ===== 顯示 K8s 內的 namespace 清單 ===== |
| | * <cli>kubctl get namespace </cli> Exp.<cli> |
| | iiidevops@iiidevops1:~$ kubectl get namespace |
| | NAME STATUS AGE |
| | account Active 49d |
| | cattle-pipeline Active 6d22h |
| | cattle-system Active 50d |
| | default Active 50d |
| | iii-devops-toolchain Active 6d22h |
| | ingress-nginx Active 50d |
| | kube-node-lease Active 50d |
| | kube-public Active 50d |
| | kube-system Active 50d |
| | p-pdx2d-pipeline Active 6d22h |
| | security-scan Active 50d |
| | </cli> |
| | |
| | ===== 移除 K8s 內的 namespace deploy pod ===== |
| | * <cli>kubctl delete namespace [namespace NAME]</cli> Exp.<cli> |
| | iiidevops@iiidevops1:~$ kubectl delete namespace iii-devops-toolchain |
| | namespace "iii-devops-toolchain" deleted |
| | </cli> |
| | |
| | ===== 讀取 Secret 的內容 ===== |
| | * <cli>kubectl get secret [secret_name]</cli> Exp.<cli> |
| | rkeuser@dev4-86:~$ kubectl get secret |
| | NAME TYPE DATA AGE |
| | default-token-pssx6 kubernetes.io/service-account-token 3 21d |
| | gitlab Opaque 1 21d |
| | harbor Opaque 1 21d |
| | harbor-harbor-clair Opaque 3 21d |
| | harbor-harbor-clair-internal-tls kubernetes.io/tls 3 21d |
| | harbor-harbor-core Opaque 8 21d |
| | : |
| | </cli> |
| | * 顯示 secret 的內容, 有定義那些 key<cli>kubectl describe secret [secret_name]</cli> Exp.<cli> |
| | rkeuser@dev4-86:~$ kubectl describe secret harbor |
| | Name: harbor |
| | Namespace: default |
| | Labels: <none> |
| | Annotations: field.cattle.io/creatorId: user-jwvbx |
| | field.cattle.io/projectId: local:p-rhflt |
| | lifecycle.cattle.io/create.secretsController_local: true |
| | secret.user.cattle.io/secret: true |
| | |
| | Type: Opaque |
| | |
| | Data |
| | ==== |
| | harbor-local: 25 bytes |
| | </cli> |
| | * 顯示 secret key 的 value 編碼內容<cli> |
| | kubectl get secrets/<secret_name> --template={{.data.<key>}} |
| | </cli> Exp.<cli> |
| | kubectl get secrets/harbor --template={{.data.harbor-local}} |
| | </cli> |
| | <WRAP center round tip 60%> |
| | ** 如果要直接解碼可使用 base64 -d 的方式處理** Exp. <cli> |
| | kubectl get secrets/harbor --template={{.data.harbor-local}} | base64 -d |
| | </cli> |
| | </WRAP> |
| | |
| | ===== 讀取 kubelet 內的 pod 目錄編號 ===== |
| | * 實際 pod 的檔案存在 node 內的 /var/lib/kubelet/pods 內, 可透過以下語法獲知 pod 的目錄編號<cli> |
| | kubectl get pods -A -o custom-columns=NodeName:.spec.nodeName,PodName:.metadata.name,PodUID:.metadata.uid |
| | </cli> |
| | * ++看實際範例|<cli> |
| | rkeuser@demo-77:~$ kubectl get pods -A -o custom-columns=NodeName:.spec.nodeName,PodName:.metadata.name,PodUID:.metadata.uid |
| | NodeName PodName PodUID |
| | 10.20.0.79 a1-master-db-dpy-79bc97bf96-xmqxw 34dad11c-7f38-44c1-b1b0-e06d760d2a7e |
| | 10.20.0.79 a1-master-db-gui-7cc89bcb59-vlhtz 9cc444c9-3986-4ba2-a535-9f44f6bb10cf |
| | 10.20.0.79 a1-master-sq-4-wkv2l 94dc6771-bea0-46bd-a0ec-0128e7c5c16d |
| | 10.20.0.78 apeg-python-flask-master-serv-dpy-86b655666-9ngdf 0903dcd1-c1f5-4704-b8ba-7991d11e882d |
| | 10.20.0.78 aptgit-220209-master-db-dpy-5f7986d9c-wvv2c 7209d08f-d0b8-428d-922c-87b3f6fe5787 |
| | 10.20.0.77 aptgit-220209-master-db-gui-67bbbf77cb-h9qxh 498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7 |
| | 10.20.0.79 aptgit-220209-master-db-gui-67bbbf77cb-t79qf ba6e310c-a106-426e-910a-290e836c40a9 |
| | 10.20.0.78 aptgit-220209-master-serv-dpy-5cf7cccd4d-66vns 522553e2-3323-44cb-bb02-3995d625c033 |
| | 10.20.0.77 aptgit-220209-master-serv-dpy-5cf7cccd4d-k2jl8 f8a147db-3eee-4d40-b051-f6b00bc0a644 |
| | : |
| | </cli> 直接看 aptgit-220209-master-db-gui-67bbbf77cb-h9qxh -> 498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7 這個 POD 的檔案<cli> |
| | rkeuser@demo-77:~$ sudo ls -lRt /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7 |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7: |
| | total 16 |
| | -rw-r--r-- 1 root root 241 Jan 7 09:04 etc-hosts |
| | drwxr-x--- 3 root root 4096 Jun 25 2022 containers |
| | drwxr-x--- 3 root root 4096 Jun 25 2022 plugins |
| | drwxr-x--- 3 root root 4096 Jun 25 2022 volumes |
| | |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7/containers: |
| | total 4 |
| | drwxr-x--- 2 root root 4096 Jan 7 09:04 mariadb-gui |
| | |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7/containers/mariadb-gui: |
| | total 0 |
| | -rw-rw-rw- 1 root root 0 Jan 7 09:04 832a851d |
| | -rw-rw-rw- 1 root root 0 Nov 19 09:26 d65ebd13 |
| | -rw-rw-rw- 1 root root 0 Oct 15 06:39 d516d827 |
| | -rw-rw-rw- 1 root root 0 Oct 14 19:16 ea72f4fc |
| | -rw-rw-rw- 1 root root 0 Sep 17 11:11 94285167 |
| | -rw-rw-rw- 1 root root 0 Aug 28 18:14 edc19f39 |
| | -rw-rw-rw- 1 root root 0 Jul 30 2022 cbf94e15 |
| | -rw-rw-rw- 1 root root 0 Jul 14 2022 f3f9f859 |
| | -rw-rw-rw- 1 root root 0 Jun 25 2022 46143b63 |
| | |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7/plugins: |
| | total 4 |
| | drwxr-x--- 2 root root 4096 Jan 30 07:48 kubernetes.io~empty-dir |
| | |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7/plugins/kubernetes.io~empty-dir: |
| | total 0 |
| | |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7/volumes: |
| | total 4 |
| | drwxr-xr-x 2 root root 4096 Jan 30 07:48 kubernetes.io~secret |
| | |
| | /var/lib/kubelet/pods/498451f9-fa3a-4fa6-bd2c-dd1ae1d9a3b7/volumes/kubernetes.io~secret: |
| | total 0 |
| | rkeuser@demo-77:~$ |
| | </cli>++ |
| | |
| | |
| | |
| | {{tag>k8s iiidevops kubectl}} |
| |