您的位置:360文档中心› kubernetes学习之kubectl命令详解

kubernetes学习之kubectl命令详解

合集下载
  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

kubernetes学习之kubectl命令详解
kubectl使⽤详解
管理k8s核⼼资源,说⽩了就是管理k8s集群的各种资源,四组核⼼概念
pod和pod控制器
name和namespace
label和label***ker
ingress和service,service和ingress
管理k8s核⼼资源的三种基本办法:
陈述式管理⽅法:主要依赖命令⾏CLI⼯具进⾏管理
声明式管理⽅法:主要依赖同意资源配置清单(manifest)进⾏管理
GUI式管理⽅法:主要依赖图形化操作界⾯(web页⾯)进⾏管理
这三种办法互相依托,协同⼯作,所以这三种办法都要掌握
陈述式管理办法
查找名称空间
```bash
[root@hdss7-22 ~]# kubectl get namespace
NAME STATUS AGE
default Active 14d
kube-node-lease Active 14d
kube-public Active 14d
kube-system Active 14d
还可以简写
[root@hdss7-22 ~]# kubectl get ns
NAME STATUS AGE
default Active 14d
kube-node-lease Active 14d
kube-public Active 14d
kube-system Active 14d
[root@hdss7-22 ~]# kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/nginx-ds-nmgjn 1/1 Running 1 6d22h
pod/nginx-ds-v7hrn 1/1 Running 1 6d22h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 14d
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds 2 2 2 2 2 <none> 6d22h
-n default可以默认不写,除⾮显式指定名称空间,-n 名称空间
创建名称空间
[root@hdss7-22 ~]# kubectl create ns app
namespace/app created
[root@hdss7-22 ~]# kubectl get ns
NAME STATUS AGE
app Active 12s
删除
[root@hdss7-22 ~]# kubectl delete ns app
namespace "app" deleted
管理deployment资源
创建deployment
image是指定仓库⾥⾯的镜像
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --image=/public/nginx:v1.7.9 -n kube-public
deployment.apps/nginx-dp created
[root@hdss7-21 ~]# kubectl get deploy -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
nginx-dp 1/1 1 1 26s
[root@hdss7-21 ~]# kubectl get pods -n kube-public -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dp-5dfc689474-lt7xp 1/1 Running 0 105s 172.7.22.3 <none> <none>
-o wide使⽤扩展的⽅式显⽰资源
看到这个pod IP,瞬间就反应到宿主机上,10.4.7.22,这就是为什么要规范我们的pod⽹络,它实际上是和我们的node⽹络有关联的。

[root@hdss7-22 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
50900aac89d3 84581e99d807 "nginx -g 'daemon of…" 36 minutes ago Up 36 minutes k8s_my-nginx_nginx-ds-nmgjn_default_835d2419-769a-4d9c-b6a1-85967ad5989c_1 7072a0744000 /public/pause:latest "/pause" 36 minutes ago Up 36 minutes k8s_POD_nginx-ds-nmgjn_default_835d2419-769a-4d9c-b6a1-85967ad5989c_1
6177adeadd5e /public/nginx "nginx -g 'daemon of…" 6 days ago Exited (255) 36 minutes ago k8s_my-nginx_nginx-ds-nmgjn_default_835d2419-769a-4d9c-b6a1-85967ad5989c_0 780d1a240090 /public/pause:latest "/pause" 6 days ago Exited (255) 36 minutes ago k8s_POD_nginx-ds-nmgjn_default_835d2419-769a-4d9c-b6a1-85967ad5989c_0
这个"/pause"就是先⾏的把⽹络空间,ipc空间等占了
详细查看
[root@hdss7-21 ~]# kubectl describe deployment nginx-dp -n kube-public
Name: nginx-dp
Namespace: kube-public
CreationTimestamp: Mon, 17 Aug 2020 21:58:01 +0800
Labels: app=nginx-dp
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=nginx-dp
Replicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nginx-dp
Containers:
nginx:
Image: /public/nginx:v1.7.9
Port: <none>
Host Port: <none>
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-dp-5dfc689474 (1/1 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 7m52s deployment-controller Scaled up replica set nginx-dp-5dfc689474 to 1
Annotations:注解
Selector:标签选择器
StrategyType:更新策略:四种概念:蓝绿发布?滚动发布,灰度发布,⾦丝雀发布
k8s默认策略是滚动发布
Events:先找谁,谁⼲活,kubectl⼀条命令下去,先找ApiServer,通过ApiServer进⾏通信,ApiServer找scheduler,然后scheduler在最恰当的节点去起容器,⽐如有7-21节点是ready,7-22节点ready,它就有⼀些优选策略,预选策略是提前有⼀些要求,满⾜则选择。

就算要调度也是通知kubelet去⼲活,不会通过apiserver
可以看到kubelet的server是https://10.4.7.10:7443,⽽这,正好就是vip的IP和端⼝
[root@hdss7-21 ~]# cat /opt/kubernetes/server/bin/conf/kube-proxy.kubeconfig
apiVersion: v1
clusters:
- cluster:
.......
server: https://10.4.7.10:7443
.......
进⼊pod资源
[root@hdss7-21 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-ds-nmgjn 1/1 Running 1 6d23h
nginx-ds-v7hrn 1/1 Running 1 6d23h
[root@hdss7-21 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nginx-dp-5dfc689474-lt7xp 1/1 Running 0 29m
[root@hdss7-21 ~]# kubectl exec -it nginx-dp-5dfc689474-lt7xp /bin/bash -n kube-public
root@nginx-dp-5dfc689474-lt7xp:/# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:07:16:03 brd ff:ff:ff:ff:ff:ff
inet 172.7.22.3/24 brd 172.7.22.255 scope global eth0
valid_lft forever preferred_lft forever
使⽤docker exec也同样可以进⼊pod资源,⽽kubectl可以跨主机执⾏,就是说,可以在某个pod节点上查看其他pod的节点的pod资源
root@nginx-dp-5dfc689474-lt7xp:/# hostname
nginx-dp-5dfc689474-lt7xp
删除pod资源
[root@hdss7-21 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nginx-dp-5dfc689474-lt7xp 1/1 Running 0 39m
使⽤watch观察pod重建状态变化
[root@hdss7-21 ~]# watch -n 1 'kubectl describe deployment nginx-dp -n kube-public | grep -C 5 Event'
Every 1.0s: kubectl describe deployment nginx-dp -n kube-public | grep -C 5 Event Mon Aug 17 22:40:48 2020
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nginx-dp-5dfc689474 (1/1 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 42m deployment-controller Scaled up replica set nginx-dp-5dfc689474 to 1
删除pod资源其实就是重启pod的⽅法
[root@hdss7-21 ~]# kubectl delete pod nginx-dp-5dfc689474-lt7xp -n kube-public
pod "nginx-dp-5dfc689474-lt7xp" deleted
[root@hdss7-22 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nginx-dp-5dfc689474-n98tp 1/1 Running 0 46s
看到这⾥nginx的名字已经变了
nginx-dp-5dfc689474-lt7xp
nginx-dp-5dfc689474-n98tp
再扩展查看
[root@hdss7-22 ~]# kubectl get pods -n kube-public -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dp-5dfc689474-n98tp 1/1 Running 0 2m31s 172.7.21.3 <none> <none>
可以看到现在已经running在172.7.21.3节点上,已经调度到172.7.21.3节点上。

为什么这样⼦?
因为scheduler发现7.21和7.22⼀样闲,就开始启动优选策略,然后如果两个忙闲都⼀样,⽹络带宽等都⼀样,就随机选择⼀个。

使⽤强制删除,需要加参数:--force--grace-period=0
kubectl delete pod nginx-dp-5dfc689474-lt7xp -n kube-public --force--grace-period=0
删除deployment
kubectl delete deployment nginx-dp -n kube-public
管理service资源
创建service
[root@hdss7-21 ~]# kubectl create deployment nginx-dp --image=/public/nginx:v1.7.9 -n kube-public
deployment.apps/nginx-dp created
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-5dfc689474-k2k8j 1/1 Running 0 64s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 64s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-5dfc689474 1 1 1 64s
当pod资源被删除之后(不是强制删除),就会发现pod从这个节点漂移到另外⼀个节点上,它虽然接受⼀个pod控制器控制,它属于⼀种漂移的状态,因此IP变了,所以需要抽象出⼀种稳定的service,来提供稳定的服务。

[root@hdss7-21 ~]# kubectl expose deployment nginx-dp --port=80 -n kube-public
service/nginx-dp exposed
[root@hdss7-21 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-5dfc689474-k2k8j 1/1 Running 0 5m28s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-dp ClusterIP 192.168.222.251 <none> 80/TCP 26s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 5m28s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-5dfc689474 1 1 1 5m28s
可以看到NAME那⾥多出了service资源被列出来,这个service资源还有⼀个clusterIP,clusterIP就是service固定的pod点,现在在另外⼀个节点,22节点上查看
[root@hdss7-22 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nginx-dp-5dfc689474-k2k8j 1/1 Running 0 9m20s
[root@hdss7-22 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nginx-dp-5dfc689474-k2k8j 1/1 Running 0 9m46s
[root@hdss7-22 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-5dfc689474-k2k8j 1/1 Running 0 9m56s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-dp ClusterIP 192.168.222.251 <none> 80/TCP 4m54s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 9m56s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-5dfc689474 1 1 1 9m56s
curl⼀下
[root@hdss7-22 ~]# curl 192.168.222.251
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="/"></a>.<br/>
Commercial support is available at
<a href="/"></a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
使⽤ipvsadm -Ln查看
[root@hdss7-22 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.1:443 nq
-> 10.4.7.21:6443 Masq 1 0 0
-> 10.4.7.22:6443 Masq 1 0 0
TCP 192.168.222.251:80 nq
-> 172.7.22.3:80 Masq 1 0 0
扩容
[root@hdss7-22 ~]# kubectl scale deployment nginx-dp --replicas=2 -n kube-public
deployment.extensions/nginx-dp scaled
[root@hdss7-22 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.1:443 nq
-> 10.4.7.21:6443 Masq 1 0 0
-> 10.4.7.22:6443 Masq 1 0 0
TCP 192.168.222.251:80 nq
-> 172.7.21.3:80 Masq 1 0 0
-> 172.7.22.3:80 Masq 1 0 0
可以看到在最下⾯,多了172.7.22.3:80,看到⽆论下⾯的pod怎么变,前⾯的endpoint192.168.222.251:80 nq不会变。

service就是抽象出来⼀个相对稳定的点,让服务能够有⼀个稳定的点接⼊进去。

把deployment改回来。

[root@hdss7-22 ~]# kubectl scale deployment nginx-dp --replicas=1 -n kube-public
deployment.extensions/nginx-dp scaled
查看service
[root@hdss7-21 ~]# kubectl describe svc nginx-dp -n kube-public
Name: nginx-dp
Namespace: kube-public
Labels: app=nginx-dp
Annotations: <none>
Selector: app=nginx-dp
Type: ClusterIP
IP: 192.168.222.251
Port: <unset> 80/TCP
TargetPort: 80/TCP
Endpoints: 172.7.22.3:80
Session Affinity: None
Events: <none>
service是怎么找到这个pod的?
因为它依赖于k8s的特⾊管理功能,叫做Label Selector。

就是凡是有app=nginx-dp,⼜在同⼀个命名空间(kube-public)内的,service都能匹配到这个pod,因此service就通过这个标签选择器将这个关联起来了。

可以通过运算节点能够ping到IP,⽽其他节点都不能,所以只有在k8s集群⾥,这个IP才有意义,这是⼀个虚的IP,它并没有占⽤整个全⽹空间,只有在k8s这个192.168⽹段内才⽣效。

[root@hdss7-21 ~]# ping 192.168.222.251
PING 192.168.222.251 (192.168.222.251) 56(84) bytes of data.
64 bytes from 192.168.222.251: icmp_seq=1 ttl=64 time=0.051 ms
64 bytes from 192.168.222.251: icmp_seq=2 ttl=64 time=0.053 ms
集群的⽹络不会主动暴露到集群的外⾯的,这个ClusterIP只对集群内部有⽤,对集群外部没⽤,让⼈⼀看这个IP就是虚的,没⼈⽤,提醒这就是⼀个虚的IP。

[root@hdss7-22 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.1:443 nq
-> 10.4.7.21:6443 Masq 1 0 0
-> 10.4.7.22:6443 Masq 1 0 0
TCP 192.168.222.251:80 nq
-> 172.7.22.3:80 Masq 1 0 0
192.168.222.251:80 nq
nq:永不排队
陈述式资源管理⽅法⼩结
kubernetes集群管理资源的唯⼀⼊⼝是通过相应的⽅法调⽤apiserver的接⼝
kubectl是官⽅CLI命令⾏⼯具,⽤于与apiserver进⾏通信,将⽤户在命令⾏输⼊的命令,组织并转化为apiserver能识别的信息,进⽽实现管理k8s各种资源的⼀种有效途径陈述式资源管理⽅法可以满⾜90%以上的资源管理需求,但它的缺点也很明显:
命令冗长、复杂、难以记忆
特定场景下,⽆法实现管理需求
对资源的增删查操作⽐较容易,改就很痛苦。

相关文档
最新文档