Kubectl最佳命令示例

分享于 

18分钟阅读

Linux

  简体

Kubectl命令示例

1.列出所有pod

使用kubectl get pods命令列出所有可用的pod,如下面的示例所示,


[root@localhost ~]# kubectl get pods
 NAME READY STATUS RESTARTS AGE
test-pod-0-64958d679f-qxzbs 1/1 Running 0 3d21h
test-pod-1-86b655bbff-789nd 1/1 Running 0 3d21h
test-pod-2-6f6c8f9fdd-xm44w 1/1 Running 0 3d21h
test-pod-3-0 1/1 Running 0 3d21h
test-pod-4-d7c457fc7-775gx 1/1 Running 0 3d21h
test-pod-5-6d77f97f45-kkl8n 1/1 Running 0 3d21h
test-pod-6-66ff6db548-4lh58 2/2 Running 0 3d21h
test-pod-7-p6b5q 1/1 Running 0 3d21h
test-pod-8-b577cf8b6-kw8s4 1/1 Running 0 3d21h


2.列出所有kube dns pods


[root@localhost ~]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
test-pod-0-5644d7b6d9-58ddc 1/1 Running 0 3d21h
kube-dns-5644d7b6d9-f7gxb 1/1 Running 0 3d21h
kube-apiserver-172.31.33.220 1/1 Running 0 3d21h
kube-controller-manager-172.31.33.220 1/1 Running 0 3d21h
kube-proxy-lcj2g 1/1 Running 0 3d21h
kube-scheduler-172.31.33.220 1/1 Running 0 3d21h
kube-net-bbg7w 2/2 Running 1 3d21h


3.列出所有持久卷

你需要使用--sort-by=.spec.capacity.storage选项根据存储容量列出所有持久卷,如下面的示例所示,从输出中可以看到,pod按存储容量的递增顺序显示。


[root@localhost ~]# kubectl get pv --sort-by=.spec.capacity.storage
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
test-pod-0-logs-vol-0 2Gi RWO Retain Bound example/logs-test-pod-0 local-storage 3d21h
test-pod-1-logs-vol-0 2Gi RWO Retain Bound example/logs-test-pod-1-0 local-storage 3d21h
test-pod-2-logs-vol-0 2Gi RWO Retain Bound example/logs-test-pod-2-0 local-storage 3d21h
test-pod-3-logs-vol-0 2Gi RWO Retain Bound example/logs-test-pod-3-0 local-storage 3d21h
test-pod-4-vol 7Gi RWO Retain Bound example/test-pod-4-k8s-0 local-storage 3d21h
test-pod-5-vol-0 10Gi RWO Retain Bound example/data-test-pod-5-0 local-storage 3d21h
test-pod-6-0-logs-vol-0 10Gi RWO Retain Bound example/logs-test-pod-6-0 local-storage 3d21h
test-pod-7-vol-0 10Gi RWO Retain Bound example/data-test-pod-7-0 local-storage 3d21h
test-pod-8-vol-0 10Gi RWO Retain Bound example/data-test-pod-8-0 local-storage 3d21h
test-pod-9-vol-0 10Gi RWO Retain Bound example/data-test-pod-9-0 local-storage 3d21h


4.检查所有服务

如果要查看所有服务,则需要使用kubectl get services命令,如下面的示例所示,此输出将帮助你确定当前正在运行的服务以及当前关闭的服务。


[root@localhost ~]# kubectl get services
 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
test-pod-0 ClusterIP 10.96.65.83 <none> 4883/TCP 4d
test-pod-1 ClusterIP 10.99.221.111 <none> 4883/TCP 4d
test-pod-2 ClusterIP 10.105.137.228 <none> 7083/TCP 4d
test-pod-3 ClusterIP None <none> 9042/TCP 4d
test-pod-4 ClusterIP 10.102.184.122 <none> 80/TCP 4d
test-pod-5 ClusterIP 10.103.106.186 <none> 8080/TCP 4d
test-pod-6 ClusterIP 10.104.196.193 <none> 8443/TCP,6080/TCP 4d
test-pod-7 ClusterIP 10.102.175.62 <none> 80/TCP,443/TCP 4d
test-pod-8 ClusterIP 10.103.54.109 <none> 9000/TCP 4d
test-pod-9 ClusterIP 10.106.58.196 172.31.33.220 5671/TCP,5672/TCP,4369/TCP 4d


5.列出当前命名空间中的所有pods

如果要列出当前命名空间中的所有pods,就需要使用 kubectl get pods -o wide 在此输出中,你可以检查node的IP以及pod运行的位置。


[root@localhost ~]# kubectl get pods -o wide
 NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test-pod-0-64958d679f-qxzbs 1/1 Running 0 4d 192.113.12.38 72.31.33.220 <none> <none>
test-pod-1-86b655bbff-789nd 1/1 Running 0 4d 192.113.12.39 72.31.33.220 <none> <none>
test-pod-2-6f6c8f9fdd-xm44w 1/1 Running 0 4d 192.113.12.19 72.31.33.220 <none> <none>
test-pod-3-0 1/1 Running 0 4d 192.113.12.10 72.31.33.220 <none> <none>
test-pod-4-d7c457fc7-775gx 1/1 Running 0 4d 192.113.12.28 72.31.33.220 <none> <none>
test-pod-5-6d77f97f45-kkl8n 1/1 Running 0 4d 192.113.12.26 72.31.33.220 <none> <none>
test-pod-6-66ff6db548-4lh58 2/2 Running 0 4d 192.113.12.12 72.31.33.220 <none> <none>


6.获取Pod YAML

如果想检查pod yaml,那么你需要使用 kubectl get pod <pod_name> -o yaml 命令如下所示,可以从YAML输出检查pod配置细节,


[root@localhost ~]# kubectl get pod test-pod-0 -o yaml
apiVersion: v1
kind: Pod
metadata:
annotations:
pod.alpha.kubernetes.io/initialized: "true"
creationTimestamp: "2020-03-12T12:19:43Z"
generateName: test-pod
labels:
app: test-pod
controller-revision-hash: test-pod-7d8b79498
statefulset.kubernetes.io/pod-name: test-pod-0
name: test-pod-0
namespace: example
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: StatefulSet
name: test-pod
uid: 2b89e51c-ad8f-45c4-9597-4c68c8c39a32


7.描述pods

如果想了解pod的完整描述,那么你需要使用 kubectl describe pod <pod_name> 如下所示的命令,当有时pod由于某些错误而无法出现时,此命令非常有用,


[root@localhost ~]# kubectl describe pod test-pod-0
Name: test-pod-0
Namespace: example
Priority: 0
Node: 172.31.33.220/172.31.33.220
Start Time: Thu, 12 Mar 2020 12:19:44 +0000
Labels: app=test-pod
controller-revision-hash=test-pod-7d8b79498
statefulset.kubernetes.io/pod-name=test-pod-0
Annotations: pod.alpha.kubernetes.io/initialized: true
Status: Running
IP: 192.113.12.10
IPs:
IP: 192.113.12.10
Controlled By: StatefulSet/test-pod
Containers:
config-datastore:
Container ID: docker://e82ed82037e8fd4b52e4ad75fe9d537c857fdd239a46738f5e92c4d4c314114f
Image: aio:rel-5.1.0p1
Image ID: docker://sha256:5f12324b26dc58ec6c363ba21ce53cdd7366e1f4ce35e8eba71e0af6026b768c
Port: 9042/TCP
Host Port: 0/TCP


8.检查所有节点

如果要查看Kubernetes集群中的所有节点,则需要使用kubectl get nodes命令,如下所示,从下面的输出可以看到,这是一个单一的node集群。


[root@localhost ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
172.31.33.220 Ready master 4d v1.16.1


9.显示所有Pods标签

如果要查看所有pods的标签,就需要使用 kubectl get pods --show-labels


[root@localhost ~]# kubectl get pods --show-labels
 NAME READY STATUS RESTARTS AGE LABELS
test-pod-0-64958d679f-qxzbs 1/1 Running 0 4d app=test-pod-0,pod-template-hash=64958d679f
test-pod-1-86b655bbff-789nd 1/1 Running 0 4d app=test-pod-1,pod-template-hash=86b655bbff
test-pod-2-6f6c8f9fdd-xm44w 1/1 Running 0 4d app=test-pod-2,pod-template-hash=6f6c8f9fdd
test-pod-3 1/1 Running 0 4d app=test-pod-3,controller-revision-hash=test-pod-3-7d8b79498,statefulset.kubernetes.io/pod-name=test-pod-3
test-pod-4-d7c457fc7-775gx 1/1 Running 0 4d app=test-pod-4,pod-template-hash=d7c457fc7
test-pod-5-6d77f97f45-kkl8n 1/1 Running 0 4d app=test-pod-5,pod-template-hash=6d77f97f45
test-pod-6-66ff6db548-4lh58 2/2 Running 0 4d app=test-pod-6,pod-template-hash=66ff6db548
test-pod-7-p6b5q 1/1 Running 0 4d app=test-pod-7,controller-revision-hash=64444d5b79,pod-template-generation=1,version=v1.0


10.列出Pods使用的所有secrets


[root@localhost ~]# kubectl get pods -o json | jq '.items[].spec.containers[].env[]?.valueFrom.secretKeyRef.name' | grep -v null | sort | uniq
"aws-secrets"
"test-cert"
"hocsecret"
"ingress-crt"
"test-cert"


11.转储pods日志

如果要转储pod的完整日志,就需要使用下面的命令,


[root@localhost ~]# kubectl logs test-pod-0 | more
Successfully added cron job
+ mem_json='{
"name": "memtuning",
"version": "1.0.0",
"components": [
{
"name": "test-pod-0",
"memconfig": [
{
"range": "7-14",
"value": "64m"
},
{
"range": "15-23",
"value": "512m"
},
{
"range": "24-30",
"value": "1024m"
},
{
"range": "31-59",
"value": "2048m"
},


12.在现有pods中运行命令

如果要在pod内部运行命令而不实际登录到pod,就需要在下面使用 kubectl exec <pod_name> -- <commands> 命令,这里我尝试使用du-sh命令检查test-pod-0pod的/u01/test目录的大小,而不需要登录test-pod-0pod,如下所示,


[root@localhost ~]# kubectl exec test-pod-0 -- du -sh /u01/test/
935M /u01/test/


13.显示连续日志

如果要查看特定pod的流日志,则需要使用-f选项,如下面的示例所示,此命令在排除pod错误时非常有用。


[root@localhost ~]# kubectl logs -f test-pod-0
2020-03-16 12:43:52,582 DEBG 'test' stdout output:
INFO [Service Thread] 2020-03-16 12:43:52,582 StatusLogger.java:101 - system_auth.resource_role_permissons_index 0,0
INFO [Service Thread] 2020-03-16 12:43:52,582 StatusLogger.java:101 - system_auth.role_permissions 0,0

2020-03-16 12:43:52,583 DEBG 'test' stdout output:
INFO [Service Thread] 2020-03-16 12:43:52,582 StatusLogger.java:101 - system_traces.sessions 0,0
INFO [Service Thread] 2020-03-16 12:43:52,582 StatusLogger.java:101 - system_traces.events 0,0

2020-03-16 12:43:59,060 DEBG 'test' stdout output:
WARN [PERIODIC-COMMIT-LOG-SYNCER] 2020-03-16 12:43:59,060 NoSpamLogger.java:94 - Out of 0 commit log syncs over the past 0.00s with average duration of Infinityms, 1 have exceeded the configured commit interval by an average of 21.47ms


14.获取容器度量

如果要查看pod及容器的指标,就需要使用下面的命令。


[root@localhost ~]# kubectl top pod test-pod-0 --containers
POD NAME CPU(cores) MEMORY(bytes)
test-pod-0 test-pod 220m 2241Mi


15.登录到Pod

如果想登录到pod,那么你需要使用下面的kubectl命令在test-pod-0 pod中打开bash提示,


[root@localhost ~]# kubectl exec -ti test-pod-0 bash
bash-4.1#


-t :stdin是一个TTY

-i:将stdin传递给容器

16.检查集群信息

如果想检查Kubernetes集群摘要,那么你可以使用以下cluster-info选项,此命令将告诉你当前正在运行Kubernetes主机的URL,


[root@localhost ~]# kubectl cluster-info
Kubernetes master is running at https://72.39.43.220:6443
KubeDNS is running at https://12.71.43.220:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.


17.转储集群信息

如果想转储所有kubernetes集群日志,那么你需要使用以下命令,请注意,这个命令的输出可以很长,因为这个命令将提供关于所有集群pods的完整细节。


[root@localhost ~]# kubectl cluster-info dump
2020-03-12 12:36:32,649 DEBG 'test-pod-0' stderr output:
at net.appcito.barista.occonsumer.OCConsumerHandler.handleCommand(OCConsumerHandler.java:62)
at net.appcito.messaging.ocutils.OCConsumer.handleDelivery(OCConsumer.java:77)
at net.jodah.lyra.internal.ConsumerDelegate.handleDelivery(ConsumerDelegate.java:53)
at com.rabbitmq.client.impl.ConsumerDispatcher$5.run(ConsumerDispatcher.java:140)
at com.rabbitmq.client.impl.ConsumerWorkService$WorkPoolRunnable.run(ConsumerWorkService.java:85)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

==== END logs for container test-pod of pod example/test-pod-0-6f6c8f9fdd-xm44w ====
==== START logs for container test-pod of pod example/test-pod-0 ====


18.显示node的指标

如果要查看集群node的资源利用率,就需要使用下面的命令,


[root@localhost ~]# kubectl top node 72.131.183.22
 NAME CPU(cores) CPU% MEMORY(bytes) MEMORY%
72.131.183.22 3051m 38% 24953Mi 78%


19.删除pods

如果想删除一个pod,你可以简单地使用delete pod <pod_name>选项,如下所示,


[root@localhost ~]# kubectl delete pod test-pod-0
pod "test-pod-0" deleted


20.删除所有pods

如果你想删除所有的Kubernetes集群pods,那么awk将非常方便地选择所有的第一列,并将这些列作为xargs命令的输入,一次删除所有的pods,而不是逐个删除。


[root@localhost ~]# kubectl get pods | awk '{ print $1};' | xargs kubectl delete pods
pod "test-pod-0-64958d679f-qxzbs" deleted
pod "test-pod-1-86b655bbff-789nd" deleted
pod "test-pod-2-6f6c8f9fdd-xm44w" deleted
pod "test-pod-3" deleted
pod "test-pod-4"-d7c457fc7-775gx" deleted
pod "test-pod-5-6d77f97f45-kkl8n" deleted
pod "test-pod-6-66ff6db548-4lh58" deleted
pod "test-pod-7-p6b5q" deleted
pod "test-pod-8-b577cf8b6-kw8s4" deleted
pod "test-pod-9-5bdf4f6887-dwkpm" deleted
pod "test-pod-10" deleted
pod "test-pod-11" deleted


21.获取所有API资源

如果想检查所有的API资源,那么你需要使用下面的API Resources选项。


[root@localhost ~]# kubectl api-resources
NAME SHORTNAMES APIGROUP NAMESPACED KIND
bindings true Binding
componentstatuses cs false ComponentStatus
configmaps cm true ConfigMap
endpoints ep true Endpoints
events ev true Event
limitranges limits true LimitRange


22.使用Kubectl命令检查其他选项

还可以使用以下kubectl选项检查可用于--help命令的所有选项,例如如果想检查kubectl get pods示例可以使用的所有选项,那么你需要使用 kubectl get pods --help 命令如下所示。


[root@ip-172-31-33-220 ~]# kubectl get pods --help
Display one or many resources

Prints a table of the most important information about the specified resources. You can filter the list using a label
selector and the --selector flag. If the desired resource type is namespaced you will only see results in your current
namespace unless you pass --all-namespaces.

Uninitialized objects are not shown unless --include-uninitialized is passed.



COM  COMM  Comma