kubectl
本文最后更新于:2023年12月5日 晚上
kubectl 是 kube-apiserver 的命令行客户端,就像 redis-cli 是 redis 的命令行客户端
安装 kubectl
https://kubernetes.io/zh/docs/tasks/tools/install-kubectl/
https://developer.aliyun.com/mirror/kubernetes?spm=a2c6h.13651102.0.0.3e221b11Qo8aZk
kubectl 详解
https://kubernetes.io/zh/docs/reference/kubectl/overview/
https://kubernetes.io/docs/reference/kubectl/overview/
kubectl [command] [TYPE] [NAME] [flags]command:指定要对一个或多个资源执行的操作,例如 create、get、describe、delete
TYPE:指定资源类型。不区分大小写, 可以指定单数、复数或缩写形式。例如,以下命令输出相同的结果:
kubectl get pod pod1
kubectl get pods pod1
kubectl get po pod1NAME:指定资源的名称。名称区分大小写。 如果省略名称,则显示所有资源的详细信息
# 类型相同的资源 TYPE1 name1 name2 name3...
kubectl get pod example-pod1 example-pod2
# 多个资源类型 TYPE1/name1 TYPE1/name2 TYPE2/name3 ...
kubectl get pod/example-pod1 replicationcontroller/example-rc1
# 用一个或多个文件指定资源 -f file1 -f file2 -f file3...
kubectl get -f ./pod.yamlflags:指定可选的参数。例如,可以使用 -s 或 -server 指定 Kubernetes API 服务器的地址和端口
从命令行指定的参数优先级最高
基本命令
create # 创建资源
expose # 将资源暴露为新的 Service
run # 在集群上运行一个特定的镜像
set # 使用命令行修改资源
edit # 使用编辑器修改资源,交互式
explain # 资源的详细信息
get # 显示一个或多个资源
delete # 删除资源get
kubectl get [(-o|--output=)json|yaml|wide|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...] (TYPE[.VERSION [.GROUP] [NAME | -l label] | TYPE[.VERSION][.GROUP]/NAME ...) [flags] [options]
# 示例
kubectl get pods
kubectl get pods -A 相当于 kubectl get pods --all-namespaces
kubectl get pods -o wide
kubectl get replicationcontroller web
kubectl get deployments.v1.apps -o json
kubectl get -o json pod web-pod-13je7
kubectl get -f pod.yaml -o json
kubectl get -k dir/
kubectl get -o template pod/web-pod-13je7 --template={{.status.phase}}
kubectl get rc,services
kubectl get rc/web service/frontend pods/web-pod-13je7create
kubectl create -f FILENAME [options]
# 示例:
kubectl create -f ./pod.json
cat pod.json | kubectl create -f -
kubectl create -f docker-registry.yaml --edit -o jsonexpose
kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type] [options]
# 示例:
kubectl expose rc nginx --port=80 --target-port=8000
kubectl expose -f nginx-controller.yaml --port=80 --target-port=8000
kubectl expose pod valid-pod --port=444 --name=frontend
kubectl expose service nginx --port=443 --target-port=8443 --name=nginx-https
kubectl expose rc streamer --port=4100 --protocol=UDP --name=video-stream
kubectl expose rs nginx --port=80 --target-port=8000
kubectl expose deployment nginx --port=80 --target-port=8000set ★★★
kubectl set SUBCOMMAND [options]
SUBCOMMAND:
env # 更新环境变量,对应deployment的`spec.template.spec.containers.env`
image # 更新镜像
resources Update resource requests/limits on objects with pod templates
selector Set the selector on a resource
serviceaccount Update ServiceAccount of a resourcekubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 ... CONTAINER_NAME_N=CONTAINER_IMAGE_N [options]
# 示例
kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1
kubectl set image deployments,rc nginx=nginx:1.9.1 --all
kubectl set image daemonset abc *=nginx:1.9.1
kubectl set image -f path/to/file.yaml nginx=nginx:1.9.1 --local -o yamledit
kubectl edit (RESOURCE/NAME | -f FILENAME) [options]
# 示例:
kubectl edit svc/docker-registry
KUBE_EDITOR="nano" kubectl edit svc/docker-registry
kubectl edit job.v1.batch/myjob -o json
kubectl edit deployment/mydeployment -o yaml --save-configrun
kubectl run NAME --image=<image> [--env="key=value"] [--port=port] [--dry-run=server|client] [--overrides=inline-json] [--command] -- [COMMAND] [args...] [options]
# 示例:
kubectl run nginx --image=nginx # 使用默认命令启动
kubectl run nginx --image=nginx -- <arg1> <arg2> ... <argN> #默认命令,自定义参数
kubectl run nginx --image=nginx --command -- <cmd> <arg1> ... <argN> #非默认命令
kubectl run test1 --image=harbor.ljk.local/baseimages/alpine:3.12.4 -- sleep 3600explain
kubectl explain RESOURCE [options]
kubectl explain <type>.<fieldName>[.<fieldName>] [options]使用 kubectl explain 查看配置清单怎么写,例如:使用 kubectl explain deployment 查看创建 deployment 资源的配置清单怎么写,使用 kubectl explain namespace 查看创建 namespace 资源的配置清单怎么写,等等
delete
kubectl delete ([-f FILENAME] | [-k DIRECTORY] | TYPE [(NAME | -l label | --all)]) [options]
# 示例:
kubectl delete -f ./pod.json
kubectl delete -k dir
cat pod.json | kubectl delete -f -
kubectl delete pod,service baz foo
kubectl delete pods,services -l name=myLabel
kubectl delete pod foo --now
kubectl delete pod foo --force
kubectl delete pods --all部署命令
rollout 管理资源的升级和回滚
scale 弹性伸缩Pod数量
autoscale 自动设置运行的pod数量(水平自动伸缩)rollout ★★★
kubectl rollout SUBCOMMAND [options]
SUBCOMMAND:
history 查看指定资源的操作记录
pause 暂停升级
restart Restart a resource
resume 继续升级
status Show the status of the rollout
undo 升级回滚kubectl rollout history (TYPE NAME | TYPE/NAME) [flags] [options]
# 示例:
kubectl rollout history deployment/abc
deployments "nginx-deployment"
EVISION CHANGE-CAUSE
1 kubectl apply --filename=nginx-deployment.yaml --record=true
2 kubectl set image deployment/abc nginx=nginx:1.9.1 --record=true
3 kubectl set image deployment/abc nginx=nginx:1.91 --record=true
kubectl rollout history daemonset/abc --revision=3 # 指定版本
kubectl rollout history deployment.v1.apps/nginx-deployment
kubectl rollout history deployment.v1.apps/nginx-deployment --revision=2kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] [options]
# 示例:
kubectl rollout undo deployment/abc # 回滚到上个版本
kubectl rollout undo daemonset/abc --to-revision=3 # 回滚到指定版本
kubectl rollout undo --dry-run=server deployment/abcscale
kubectl scale [--resource-version=version] [--current-replicas=count] --replicas=COUNT (-f FILENAME | <TYPE> <NAME>) [options]
# 示例:
kubectl scale --replicas=3 rs/foo
kubectl scale --replicas=3 -f foo.yaml
kubectl scale --current-replicas=2 --replicas=3 deployment/mysql
kubectl scale --replicas=5 rc/foo rc/bar rc/baz
kubectl scale --replicas=3 statefulset/webautoscale
kubectl autoscale (-f FILENAME | TYPE NAME | TYPE/NAME) [--min=MINPODS] --max=MAXPODS [--cpu-percent=CPU] [options]
# 示例:
kubectl autoscale deployment foo --min=2 --max=10
kubectl autoscale rc foo --max=5 --cpu-percent=80集群管理命令
certificate Modify certificate resources.
cluster-info 集群信息
top 集群资源 (CPU/Memory/Storage) 使用情况
cordon 警戒线,标记node不被调度,即不参加pod调度
uncordon 取消警戒标记为cordon的node,即参加pod调度
drain 驱逐node上的pod,用于node下线等场景
taint 给node标记污点cordon
uncordon
故障处理和调试命令
describe 显示资源或资源组的详细信息
logs 打印pod中容器的日志(标准输出的日志)
attach Attach to a running container
exec 和docker的exec实现一样的功能,只是更加智能,不用考虑容器在哪个节点上
port-forward Forward one or more local ports to a pod
proxy Run a proxy to the Kubernetes API server
cp Copy files and directories to and from containers.
auth Inspect authorization
debug Create debugging sessions for troubleshooting workloads and nodesdescribe ★★★
kubectl describe (-f FILENAME | TYPE [NAME_PREFIX | -l label] | TYPE/NAME) [options]
# 示例:
kubectl describe nodes kubernetes-node-emt8.c.myproject.internal
kubectl describe pods/nginx
kubectl describe -f pod.json
kubectl describe pods
kubectl describe po -l name=myLabel
kubectl describe pods frontend经常用此命令查看 pod 的日志
pod 没有启动的原因排错:
- kubectl get
- kubectl describe
- kubectl logs
- 到 pod 所在的宿主机去看宿主机的系统日志
logs
kubectl logs [-f] [-p] (POD | TYPE/NAME) [-c CONTAINER] [options]
# 示例:
kubectl logs nginx
kubectl logs nginx --all-containers=true
kubectl logs -lapp=nginx --all-containers=true
kubectl logs -p -c ruby web-1
kubectl logs -f -c ruby web-1
kubectl logs -f -lapp=nginx --all-containers=true
kubectl logs --tail=20 nginx
kubectl logs --since=1h nginx
kubectl logs --insecure-skip-tls-verify-backend nginx
kubectl logs job/hello
kubectl logs deployment/nginx -c nginx-1exec
kubectl exec (POD | TYPE/NAME) [-c CONTAINER] [flags] -- COMMAND [args...] [options]
# 示例:
kubectl exec mypod -- date
kubectl exec mypod -c ruby-container -- date
kubectl exec mypod -c ruby-container -i -t -- bash -il
kubectl exec mypod -i -t -- ls -t /usr
kubectl exec deploy/mydeployment -- date
kubectl exec svc/myservice -- date注意:进入容器只是查看信息,不要修改配置,如果需要修改配置,只能重新打镜像
高级命令
diff Diff live version against would-be applied version
apply Apply a configuration to a resource by filename or stdin
patch Update field(s) of a resource
replace Replace a resource by filename or stdin
wait Experimental: Wait for a specific condition on one or many resources.
kustomize Build a kustomization target from a directory or a remote url.diff
apply ★★★
kubectl apply (-f FILENAME | -k DIRECTORY) [options]
# 示例:
kubectl apply -f ./pod.json
kubectl apply -k dir/
cat pod.json | kubectl apply -f -
kubectl apply --prune -f manifest.yaml -l app=nginx
kubectl apply --prune -f manifest.yaml --all --prune-whitelist=core/v1/ConfigMappatch
修改、更新资源字段,支持 JSON 和 YAML 格式
kubectl patch (-f FILENAME | TYPE NAME) [-p PATCH|--patch-file FILE] [options]
-p:更新json资源文件
# 示例:
kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'
kubectl patch node k8s-node-1 -p $'spec:\n unschedulable: true'
kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'
kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"newimage"}]'replace
使用配置文件或 stdin 来替换当前资源
kubectl replace -f FILENAME [options]
# 示例:
kubectl replace -f ./pod.json
cat pod.json | kubectl replace -f -
kubectl get pod mypod -o yaml | sed 's/\(image: myimage\):.*$/\1:v4/' | kubectl replace -f -
kubectl replace --force -f ./pod.jsoncreate 、apply、replace 的区别:
create:指定一个动作,新建资源replace:指定一个动作,替换资源apply:指定目标状态,不关心实现的过程
# 新建资源
kubectl create -f nginx.yaml
# 修改nginx.yaml,然后用修改后替换当前的
kubectl replace -f nginx.yaml相当于:
# 新建资源,相当于 `kubectl create`
kubectl apply -f nginx.yaml
# 修改nginx.yaml,然后更新资源,相当于 `kubectl path`
kubectl apply -f nginx.yamlwait
kustomize
设置命令
label Update the labels on a resource
annotate Update the annotations on a resource
completion Output shell completion code for the specified shell (bash or zsh)[root@k8s-master ~]$kubectl completion bash > /etc/profile.d/kubectl_completion.sh其他命令
api-resources 打印服务器上支持的API资源
api-versions 以 "group/version" 的形式打印API versions
config Modify kubeconfig files
plugin Provides utilities for interacting with plugins.
version Print the client and server version information
alpha
convert
options输出选项
Formatting output
kubectl [command] [TYPE] [NAME] -o <output_format>
-o wide:适合查看
-o json:适合监控Sorting list objects
kubectl [command] [TYPE] [NAME] --sort-by=<jsonpath_exp>示例:常用操作
示例:创建和使用插件
资源
kubectl api-resourceskubectl
http://blog.lujinkai.cn/运维/Kubernetes/kubectl/