Kubernetes(k8s)常用命令

kubectl create - 创建资源

$ kubectl create deployment kubernetes-bootcamp --image=gcr.io/google-samples/kubernetes-bootcamp:v1
deployment.apps/kubernetes-bootcamp created

kubectl run - 快速创建

快速创建单容器Deployment.

$ kubectl run --image=nginx:alpine nginx-app --port=8180
pod/nginx-app created

kubectl get - 获取资源列表

类似于docker ps，查询各种资源列表。

# 获取所有当前pods
$ kubectl get pods
NAME        READY   STATUS    RESTARTS   AGE
nginx-app   1/1     Running   0          9m52s
# 通过label筛选
$ kubectl get pods -l run=kubernetes-bootcamp

# 列出所有depolyment
$ kubectl get deployments
NAME                  READY   UP-TO-DATE   AVAILABLE   AGE
kubernetes-bootcamp   1/1     1            1           38s

# 查看当前所有service
$ kubectl get services
NAME         TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.96.0.1    <none>        443/TCP   19s
# 通过label筛选
$ kubectl get services -l run=kubernetes-bootcamp

kubectl describe - 查看资源详细信息

类似于docker inspect，获取资源的详细信息。无论何时，只要遇到pod有问题，都先describe看下pod的状态。比如容器创建后，状态一直Pending（未正常启动至Running状态），那么可以用kubectl describe查看具体的原因是什么。

# 查看所有pods详情
$ kubectl describe pods

# 查看指定service详情
$ kubectl describe services/kubernetes-bootcamp

# 查看指定pod详情
$ kubectl describe pods nginx-app
Name:         nginx-app
Namespace:    default
Priority:     0
Node:         ttg12/192.168.199.212
Start Time:   Thu, 02 Jul 2020 10:53:06 +0800
Labels:       run=nginx-app
Annotations:  <none>
Status:       Pending
IP:
IPs:          <none>
Containers:
  nginx-app:
    Container ID:
    Image:          nginx:alpine
    Image ID:
    Port:           8180/TCP
    Host Port:      0/TCP
    State:          Waiting
      Reason:       ContainerCreating
    Ready:          False
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-b79fd (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             False
  ContainersReady   False
  PodScheduled      True
Volumes:
  default-token-b79fd:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-b79fd
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason            Age                  From               Message
  ----     ------            ----                 ----               -------
  Warning  FailedScheduling  59s (x5 over 5m12s)  default-scheduler  0/1 nodes are available: 1 node(s) had taint {node-role.kubernetes.io/master: }, that the pod didn't tolerate.
  Normal   Scheduled         20s                  default-scheduler  Successfully assigned default/nginx-app to ttg12
  Normal   Pulling           18s                  kubelet, ttg12     Pulling image "nginx:alpine"

kubectl exec - 在容器内执行命令

类似于docker exec，在容器内执行一个命令

$ kubectl exec nginx-app ps aux
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
PID   USER     TIME  COMMAND
    1 root      0:00 nginx: master process nginx -g daemon off;
   29 nginx     0:00 nginx: worker process
   30 nginx     0:00 nginx: worker process
   31 nginx     0:00 nginx: worker process
   32 nginx     0:00 nginx: worker process
   33 root      0:00 ps aux

kubectl proxy - 启动代理

The kubectl command can create a proxy that will forward communications into the cluster-wide, private network. The proxy can be terminated by pressing control-C and won't show any output while its running.

# 开启一个新terminal启动proxy。Ctrl+C可退出
$ kubectl proxy

在另一个Terminal中请求API

$ curl localhost:8001/version
{
  "major": "1",
  "minor": "18",
  "gitVersion": "v1.18.0",
  "gitCommit": "9e991415386e4cf155a24b1da15becaa390438d8",
  "gitTreeState": "clean",
  "buildDate": "2020-03-25T14:50:46Z",
  "goVersion": "go1.13.8",
  "compiler": "gc",
  "platform": "linux/amd64"
}

The proxy enables direct access to the API from the terminal.

kubectl logs - 查看pod日志

查看指定pod中的容器的日志:

$ kubectl logs nginx-app

kubectl expose - 暴露service端口

# 将原服务的内部端口8080暴露为随机端口
$ kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080
service/kubernetes-bootcamp exposed
# 查看服务列表（新增了`service/kubernetes-bootcamp`）
$ kubectl get services
# 在脚本中可以如下获取外部端口号
$ export NODE_PORT=$(kubectl get services/kubernetes-bootcamp -o go-template='{{(index .spec.ports 0).nodePort}}')
$ echo NODE_PORT=$NODE_PORT
# 访问服务
$ curl $(minikube ip):$NODE_PORT

kubectl label - 给资源打标签

# 设置标签
$ kubectl label pod $POD_NAME app=v1
# 设置之后, 可如下使用: 
$ kubectl get pods -l app=v1

kubectl delete - 删除一个资源

# 通过标签筛选删除一个服务
$ kubectl delete service -l run=kubernetes-bootcamp

Hints:

1. 通过脚本获取一些pod/node信息：

# pod name
$ export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
# node port
$ export NODE_PORT=$(kubectl get services/kubernetes-bootcamp -o go-template='{{(index .spec.ports 0).nodePort}}')