2. 科技
    3. 04、Kubernetes集群功能演示(kubectl管理命令的使用)

    04、Kubernetes集群功能演示(kubectl管理命令的使用)

    科技2022-07-31  95

    04、Kubernetes 集群功能演示(kubectl管理命令的使用)

    通过一段学习,我们的Kubernetes已经部署起来,现在就开始功能的演示。 Kubectl是管理k8s集群的命令行工具,通过生成的json格式传递给apiserver进行创建、查看、管理的操作。

    一、kubectl帮助信息

    kubectl run --help [root@master01 ~]# kubectl --help kubectl controls the Kubernetes cluster manager.(kubectl控制Kubernetes集群管理器) Find more information at(更多信息请访问): https://kubernetes.io/docs/reference/kubectl/overview/

    Basic Commands (Beginner):基本命令(初级)

    create Create a resource from a file or from stdin.(从文件或stdin创建资源) expose 使用 replication controller, service, deployment 或者 pod 并暴露它作为一个 新的 Kubernetes Service run 在集群中运行一个指定的镜像 set 为 objects 设置一个指定的特征

    Basic Commands (Intermediate):基本命令(中级)

    explain 查看资源的文档 get 显示一个或更多 resources edit 在服务器上编辑一个资源 delete Delete resources by filenames, stdin,resources and names, or by resources and label selector(按文件名、stdin、资源和名称删除资源,或按资源和标签选择器删除资源)

    Deploy Commands:部署命令

    rollout Manage the rollout of a resource scale Set a new size for a Deployment, ReplicaSet or Replication Controller autoscale 自动调整一个 Deployment, ReplicaSet, 或者 ReplicationController 的副本数量

    Cluster Management Commands:集群管理命令

    certificate 修改 certificate 资源. cluster-info 显示集群信息 top Display Resource (CPU/Memory/Storage) usage.(显示资源(CPU/内存/存储)使用情况) cordon 标记 node 为 unschedulable uncordon 标记 node 为 schedulable drain Drain node in preparation for maintenance(排水节点,准备维护) taint 更新一个或者多个 node 上的 taints

    Troubleshooting and Debugging Commands:故障排除和调试命令

    describe 显示一个指定 resource 或者 group 的 resources 详情 logs 输出容器在 pod 中的日志 attach Attach 到一个运行中的 container exec 在一个 container 中执行一个命令 port-forward Forward one or more local ports to a pod(将一个或多个本地端口转发到一个pod) proxy 运行一个 proxy 到 Kubernetes API server cp 复制 files 和 directories 到 containers 和从容器中复制 files 和 directories. auth Inspect authorization(检查授权)

    Advanced Commands:先进的命令

    diff Diff live version against would-be applied version apply 通过文件名或标准输入流(stdin)对资源进行配置 patch 使用 strategic merge patch 更新一个资源的 field(s) replace 通过 filename 或者 stdin替换一个资源 wait Experimental: Wait for a specific condition on one or many resources. convert 在不同的 API versions 转换配置文件 kustomize Build a kustomization target from a directory or a remote url.

    Settings Commands:设置命令

    label 更新在这个资源上的 labels annotate 更新一个资源的注解 completion Output shell completion code for the specified shell (bash or zsh)

    Other Commands:其他命令

    alpha Commands for features in alpha api-resources Print the supported API resources on the server api-versions Print the supported API versions on the server, in the form of “group/version” config 修改 kubeconfig 文件 plugin Provides utilities for interacting with plugins. version 输出 client 和 server 的版本信息

    二、项目的生命周期

    创建–》发布–》更新–》回滚–》删除

    1、创建kubectl run

    kubectl run 命令

    语法:

    kubectl run NAME --image=image(镜像) [–env=“key=value”] [–port=port(端口)] [–replicas=replicas(副本)] [–dry-run=bool(测试状态)] [–overrides=inline-json(重写)] [–command(命令)] --[COMMAND] [args…] [options]

    创建nginx

    (1)创建nginx镜像,副本集数量为3个

    [root@master01 ~]# kubectl run nginx --image=nginx:latest --port=80 --replicas=3 Flag --replicas has been deprecated, has no effect and will be removed in the future. pod/nginx created

    报错:Flag --replicas has been deprecated, has no effect and will be removed in the future. 经查询说是–replicas已弃用 ,推荐用 deployment 创建 pods

    但是,这里已经提示pod/nginx created(pod/nginx已创建)应该先删除,再用yml创建。

    #找到原先安装的pod的name kubectl get pods #删除上面语句产生的nginx kubectl delete pods nginx [root@master01 ~]# kubectl get pods #找到原先安装的pod的name NAME READY STATUS RESTARTS AGE nginx 1/1 Running 0 34m [root@master01 ~]# kubectl delete pods nginx #删除上面语句产生的nginx-deploy pod "nginx" deleted

    现在已经删除了。 接下来我们把下面的yml代码复制,粘贴到vim nginx-deployment.yaml里面去。 粘贴过程中可能会代码错位,进入vim 编辑模式前输入:set paste解决缩进错乱的问题。

    # API 版本号 apiVersion: apps/v1 # 类型,如:Pod/ReplicationController/Deployment/Service/Ingress kind: Deployment metadata: # Kind 的名称 name: nginx-app spec: selector: matchLabels: # 容器标签的名字,发布 Service 时,selector 需要和这里对应 app: nginx # 部署的实例数量 replicas: 2 template: metadata: labels: app: nginx spec: # 配置容器,数组类型,说明可以配置多个容器 containers: # 容器名称 - name: nginx # 容器镜像 image: nginx:1.17 # 只有镜像不存在时,才会进行镜像拉取 imagePullPolicy: IfNotPresent ports: # Pod 端口 - containerPort: 80

    然后通过kubectl apply -f nginx-deployment.yaml来创建。

    [root@master01 ~]# vim nginx-deployment.yaml [root@master01 ~]# kubectl apply -f nginx-deployment.yaml deployment.apps/nginx-deployment created [root@master01 ~]# kubectl get deployment NAME READY UP-TO-DATE AVAILABLE AGE nginx-deployment 2/2 2 2 34s

    (2)查看创建的镜像,控制器,副本集

    [root@master01 ~]# kubectl get pods,deployment,replicaset NAME READY STATUS RESTARTS AGE pod/nginx-deployment-6b474476c4-mgb8l 1/1 Running 0 7m23s pod/nginx-deployment-6b474476c4-x2m4r 1/1 Running 0 7m23s NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/nginx-deployment 2/2 2 2 7m23s NAME DESIRED CURRENT READY AGE replicaset.apps/nginx-deployment-6b474476c4 2 2 2 7m23s [root@master01 ~]#

    2、发布kubectl expose

    kubectl expose命令

    语法:

    kubectl expose (-f FILENAME | TYPE NAME) [–port=port(端口:群集之间内部通讯的端口)] [–protocol=TCP|UDP|SCTP] [–target-port=number-or-name(端口:暴露在外部的端口)] [–name=name(名称)] [–external-ip=external-ip-of-service] [–type=type(类型)] [options(选项)]

    发布nginx:

    (1)发布nginx,类型为deployment,对内的端口号为80,对外暴露的端口也是80,并且deployment的名称为nginx-service,其类型为NodePort

    [root@master01 ~]# kubectl expose deployment nginx-deployment --port=80 --type=LoadBalancer service/nginx-deployment exposed [root@master01 ~]#

    (2)查看资源对象,查看所有Pod列表,以及查看services服务

    [root@master01 ~]# kubectl get pods,svc NAME READY STATUS RESTARTS AGE pod/nginx-deployment-6b474476c4-mgb8l 1/1 Running 0 11m pod/nginx-deployment-6b474476c4-x2m4r 1/1 Running 0 11m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d8h service/nginx-deployment LoadBalancer 10.106.69.201 <pending> 80:32271/TCP 82s

    (3)查看资源对象简写

    [root@master01 ~]# kubectl api-resources NAME SHORTNAMES APIGROUP NAMESPACED KIND bindings true Binding componentstatuses cs false ComponentStatus configmaps cm true ConfigMap endpoints ep true Endpoints events ev true Event limitranges limits true LimitRange namespaces ns false Namespace nodes no false Node persistentvolumeclaims pvc true PersistentVolumeClaim persistentvolumes pv false PersistentVolume pods po true Pod podtemplates true PodTemplate replicationcontrollers rc true ReplicationController resourcequotas quota true ResourceQuota secrets true Secret serviceaccounts sa true ServiceAccount services svc true Service mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition apiservices apiregistration.k8s.io false APIService controllerrevisions apps true ControllerRevision daemonsets ds apps true DaemonSet deployments deploy apps true Deployment replicasets rs apps true ReplicaSet statefulsets sts apps true StatefulSet tokenreviews authentication.k8s.io false TokenReview localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview selfsubjectaccessreviews authorization.k8s.io false SelfSubjectAccessReview selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview subjectaccessreviews authorization.k8s.io false SubjectAccessReview horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler cronjobs cj batch true CronJob jobs batch true Job certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest leases coordination.k8s.io true Lease endpointslices discovery.k8s.io true EndpointSlice events ev events.k8s.io true Event ingresses ing extensions true Ingress ingressclasses networking.k8s.io false IngressClass ingresses ing networking.k8s.io true Ingress networkpolicies netpol networking.k8s.io true NetworkPolicy runtimeclasses node.k8s.io false RuntimeClass poddisruptionbudgets pdb policy true PodDisruptionBudget podsecuritypolicies psp policy false PodSecurityPolicy clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding clusterroles rbac.authorization.k8s.io false ClusterRole rolebindings rbac.authorization.k8s.io true RoleBinding roles rbac.authorization.k8s.io true Role priorityclasses pc scheduling.k8s.io false PriorityClass csidrivers storage.k8s.io false CSIDriver csinodes storage.k8s.io false CSINode storageclasses sc storage.k8s.io false StorageClass volumeattachments storage.k8s.io false VolumeAttachment

    (4)查看关联后端的节点

    [root@master01 ~]# kubectl get endpoints NAME ENDPOINTS AGE kubernetes 10.10.30.40:6443 2d8h nginx-deployment 10.244.1.3:80,10.244.2.2:80 2m54s

    (5)网络状态详细信息

    [root@master01 ~]# kubectl get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES nginx-deployment-6b474476c4-mgb8l 1/1 Running 0 13m 10.244.1.3 work02 <none> <none> nginx-deployment-6b474476c4-x2m4r 1/1 Running 0 13m 10.244.2.2 work01 <none> <none>

    (6)查看服务暴露的端口

    [root@master01 ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 2d8h nginx-deployment LoadBalancer 10.106.69.201 <pending> 80:32271/TCP 3m43s

    在node01操作,查看负载均衡端口32271

    注意:kubernetes里kube-proxy支持三种模式,在v1.8之前我们使用的是iptables 以及 userspace两种模式,在kubernetes 1.8之后引入了ipvs模式,所以我们要实现安装一个 ipvsadm的软件包

    [root@localhost ~]# yum install ipvsadm -y IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn

    在node02操作,同样安装ipvsadmin工具查看

    [root@localhost ~]# yum install ipvsadm -y [root@master01 ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn

    在master1操作 查看访问日志(注意:如果访问其他node无法访问检查proxy组件)

    [root@master01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-deployment-6b474476c4-mgb8l 1/1 Running 0 17m nginx-deployment-6b474476c4-x2m4r 1/1 Running 0 17m

    在没有访问的情况下,是没有日志的

    [root@master01 ~]# kubectl logs nginx-deployment-6b474476c4-mgb8l [root@master01 ~]# kubectl logs nginx-deployment-6b474476c4-x2m4r

    去浏览器进行访问后,再去进行日志的查看

    输入:http://10.10.30.40:32271/

    [root@master01 ~]# kubectl logs nginx-deployment-6b474476c4-x2m4r 10.244.0.0 - - [04/Oct/2020:18:33:38 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4209.2 Safari/537.36" "-" 2020/10/04 18:33:39 [error] 6#6: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 10.244.0.0, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "10.10.30.40:32271", referrer: "http://10.10.30.40:32271/" 10.244.0.0 - - [04/Oct/2020:18:33:39 +0000] "GET /favicon.ico HTTP/1.1" 404 571 "http://10.10.30.40:32271/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4209.2 Safari/537.36" "-"

    3、更新kubecl set

    kubecl set命令

    更新nginx 为1.14版本

    (1)谷歌浏览器重新加载刷新页面查看nginx版本信息

    kubecl set命令

    [root@localhost ~]# kubectl set --help Configure application resources These commands help you make changes to existing application resources. Available Commands: env Update environment variables on a pod template image 更新一个 pod template 的镜像 resources 在对象的 pod templates 上更新资源的 requests/limits selector 设置 resource 的 selector serviceaccount Update ServiceAccount of a resource subject Update User, Group or ServiceAccount in a RoleBinding/ClusterRoleBinding Usage: kubectl set SUBCOMMAND [options] Use "kubectl <command> --help" for more information about a given command. Use "kubectl options" for a list of global command-line options (applies to all commands).

    (2)获取修改模板

    [root@localhost ~]# kubectl set image --help Examples: # Set a deployment's nginx container image to 'nginx:1.9.1', and its busybox container image to 'busybox'. kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1

    (3)更新

    [root@localhost bin]# kubectl set image deployment/nginx nginx=nginx:1.14 deployment.extensions/nginx image updated [root@localhost ~]# kubectl get pods -w NAME READY STATUS RESTARTS AGE nginx-6ff7c89c7c-cbrth 0/1 ContainerCreating 0 14s nginx-7697996758-d6l5w 1/1 Running 0 179m nginx-7697996758-rtl66 1/1 Running 0 179m nginx-7697996758-zghwr 1/1 Running 0 179m nginx-6ff7c89c7c-cbrth 1/1 Running 0 39s nginx-7697996758-d6l5w 1/1 Terminating 0 179m nginx-6ff7c89c7c-fdfdv 0/1 Pending 0 0s nginx-6ff7c89c7c-fdfdv 0/1 Pending 0 0s nginx-6ff7c89c7c-fdfdv 0/1 ContainerCreating 0 0s nginx-7697996758-d6l5w 0/1 Terminating 0 179m nginx-7697996758-d6l5w 0/1 Terminating 0 179m nginx-7697996758-d6l5w 0/1 Terminating 0 179m nginx-6ff7c89c7c-fdfdv 1/1 Running 0 27s nginx-7697996758-rtl66 1/1 Terminating 0 179m nginx-6ff7c89c7c-2bfhh 0/1 Pending 0 0s nginx-6ff7c89c7c-2bfhh 0/1 Pending 0 0s nginx-6ff7c89c7c-2bfhh 0/1 ContainerCreating 0 0s nginx-7697996758-rtl66 0/1 Terminating 0 179m nginx-7697996758-rtl66 0/1 Terminating 0 3h nginx-7697996758-rtl66 0/1 Terminating 0 3h nginx-6ff7c89c7c-2bfhh 1/1 Running 0 17s nginx-7697996758-zghwr 1/1 Terminating 0 3h nginx-7697996758-zghwr 0/1 Terminating 0 3h nginx-7697996758-zghwr 0/1 Terminating 0 3h nginx-7697996758-zghwr 0/1 Terminating 0 3h

    (4)Ctrl+c中断监听,更新速度快

    [root@localhost ~]# kubectl get pods NAME READY STATUS RESTARTS AGE nginx-6ff7c89c7c-2bfhh 1/1 Running 0 117s nginx-6ff7c89c7c-cbrth 1/1 Running 0 3m3s nginx-6ff7c89c7c-fdfdv 1/1 Running 0 2m24s

    (5)再回到浏览器界面,重新加载,查看版本号

    4、回滚kubectl rollout

    kubectl rollout命令

    [root@localhost ~]# kubectl rollout --help Manage the rollout of a resource. Valid resource types include: * deployments * daemonsets * statefulsets Examples: # Rollback to the previous deployment kubectl rollout undo deployment/abc # Check the rollout status of a daemonset kubectl rollout status daemonset/foo Available Commands: history 显示 rollout 历史 pause 标记提供的 resource 为中止状态 resume 继续一个停止的 resource status 显示 rollout 的状态 undo 撤销上一次的 rollout Usage: kubectl rollout SUBCOMMAND [options] Use "kubectl <command> --help" for more information about a given command. Use "kubectl options" for a list of global command-line options (applies to all commands).

    (1)查看历史版本

    [root@localhost ~]# kubectl rollout history deployment/nginx deployment.extensions/nginx REVISION CHANGE-CAUSE 1 <none> 2 <none>

    (2)执行回滚

    [root@localhost ~]# kubectl rollout undo deployment/nginx deployment.extensions/nginx

    (3)检查回滚状态

    [root@localhost ~]# kubectl rollout status deployment/nginx Waiting for deployment "nginx" rollout to finish: 1 old replicas are pending termination... Waiting for deployment "nginx" rollout to finish: 1 old replicas are pending termination... deployment "nginx" successfully rolled out

    (4)回到浏览器界面,重新加载,查看版本号

    5、删除kubectl delete

    kubectl delete命令

    (1)删除nginx

    [root@localhost ~]# kubectl get deploy #查看deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE nginx 3 3 3 3 3h18m [root@localhost ~]# **kubectl delete deployment/nginx** deployment.extensions "nginx" deleted [root@localhost ~]# **kubectl get deploy** **#**再查看,删除成功 No resources found.

    (2)删除服务svc

    [root@localhost ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 3d10h nginx-service NodePort 10.0.0.121 <none> 80:37434/TCP 177m [root@localhost ~]# kubectl delete svc/nginx-service service "nginx-service" deleted [root@localhost ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 3d10h
    Processed: 0.015, SQL: 8