一、kubectl 陳述式管理方法
kubectl小潔:
kubectl是官方的CLI命令行工具,用於apiserver進行通信,將用戶在命令行輸入的命令,組織並轉化爲apiserver能識別的信息,進而實現管理k8s各種資源的一種有效途徑。
1、查看當前集羣所有命名空間
[root@test-nodes1 ~]# kubectl get namespace
NAME STATUS AGE
default Active 42h
kube-node-lease Active 42h
kube-public Active 42h
kube-system Active 42h
------------------------------------------------------------------------------------------
2、查看default命名空間下的所有資源
[root@test-nodes1 ~]# kubectl get all -n default
NAME READY STATUS RESTARTS AGE
pod/nginx-ds-76fr8 0/1 ImagePullBackOff 0 39h
pod/nginx-ds-zz7jn 0/1 ErrImagePull 0 39h
pod/nginx-ds1-qg45q 1/1 Running 0 39h
pod/nginx-ds1-whnmv 1/1 Running 0 39h
#pod資源
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 42h
#service資源
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds 2 2 0 2 0 <none> 39h
daemonset.apps/nginx-ds1 2 2 2 2 2 <none> 39h
#pod控制器
------------------------------------------------------------------------------------------
3、創建與刪除命名空間
[root@test-nodes1 ~]# kubectl create namespace test
namespace/test created
[root@test-nodes1 ~]# kubectl get namespace
NAME STATUS AGE
default Active 42h
kube-node-lease Active 42h
kube-public Active 42h
kube-system Active 42h
test Active 6s
[root@test-nodes1 ~]# kubectl delete namespace test
namespace "test" deleted
------------------------------------------------------------------------------------------
4、創建deployment(pods控制器)資源
[root@test-nodes1 ~]# kubectl create deployment nignx-dp --image=test-harbor.cedarhd.com/public/nginx:v1.7.9 -n kube-public
deployment.apps/nignx-dp created
------------------------------------------------------------------------------------------
5、查看kube-public命名空間下的deployment資源控制器
[root@test-nodes1 ~]# kubectl get deployment -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
nignx-test 0/1 1 0 70s
------------------------------------------------------------------------------------------
6、查看kube-public命名空間下pods的運行情況
[root@test-nodes1 ~]# kubectl get deployment -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
nignx-test 1/1 1 1 21s
------------------------------------------------------------------------------------------
7、查看kube-public空間下的pods資源
[root@test-nodes1 ~]# kubectl get pods -n kube-public -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nignx-dp-7f6d4979bd-nnc57 0/1 ImagePullBackOff 0 13m 172.7.21.4 test-nodes1.cedarhd.com <none> <none>
nignx-test-655d6fbcb5-r9t57 1/1 Running 0 4m1s 172.7.22.4 test-nodes2.cedarhd.com <none> <none>
------------------------------------------------------------------------------------------
8、在test-nodes2.cedarhd.com節點上curl 172.7.22.4 nginx
[root@test-nodes2 ~]# curl 172.7.22.4
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
------------------------------------------------------------------------------------------
9、查看deployment下具體pods(nginx-test)詳細信息
[root@test-nodes1 ~]# kubectl describe deployment nignx-test -n kube-public
Name: nignx-test
Namespace: kube-public
CreationTimestamp: Mon, 03 Feb 2020 02:02:59 -0500
Labels: app=nignx-test
Annotations: deployment.kubernetes.io/revision: 1
Selector: app=nignx-test
Replicas: 1 desired | 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 25% max unavailable, 25% max surge
Pod Template:
Labels: app=nignx-test
Containers:
nginx:
Image: test-harbor.cedarhd.com/public/nginx:v1.7.9
Port: <none>
Host Port: <none>
Environment: <none>
Mounts: <none>
Volumes: <none>
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
Progressing True NewReplicaSetAvailable
OldReplicaSets: <none>
NewReplicaSet: nignx-test-655d6fbcb5 (1/1 replicas created)
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal ScalingReplicaSet 22m deployment-controller Scaled up replica set nignx-test-655d6fbcb5 to 1
------------------------------------------------------------------------------------------
10、進入nginx-test pod資源
[root@test-nodes1 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nignx-test-655d6fbcb5-r9t57 1/1 Running 0 24m
[root@test-nodes1 ~]# kubectl exec -ti nignx-test-655d6fbcb5-r9t57 /bin/bash -n kube-public
#與docker 操作方法一致
root@nignx-test-655d6fbcb5-r9t57:/# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
12: eth0@if13: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:ac:07:16:04 brd ff:ff:ff:ff:ff:ff
inet 172.7.22.4/24 brd 172.7.22.255 scope global eth0
valid_lft forever preferred_lft forever
------------------------------------------------------------------------------------------
11、刪除pod資源(即重啓)
[root@test-nodes1 ~]# kubectl delete pod nignx-test-655d6fbcb5-r9t57 -n kube-public
pod "nignx-test-655d6fbcb5-r9t57" deleted
[root@test-nodes1 ~]# kubectl get pods -n kube-public -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nignx-dp-7f6d4979bd-nnc57 0/1 ImagePullBackOff 0 40m 172.7.21.4 test-nodes1.cedarhd.com <none> <none>
nignx-test-655d6fbcb5-c42z8 1/1 Running 0 18s 172.7.21.5 test-nodes1.cedarhd.com <none> <none>
------------------------------------------------------------------------------------------
12、刪除deployment
[root@test-nodes1 ~]# kubectl get deploy -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
nignx-dp 0/1 1 0 53m
nignx-test 1/1 1 1 36m
[root@test-nodes1 ~]# kubectl delete deploy nignx-dp -n kube-public
deployment.extensions "nignx-dp" deleted
------------------------------------------------------------------------------------------
13、爲nginx-dp pod資源創建service資源,保障pod的高可用,通過集羣IP訪問
[root@test-nodes1 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-5b9b697bcc-jtrlp 1/1 Running 0 17s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 17s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-5b9b697bcc 1 1 1 17s
[root@test-nodes1 ~]# kubectl get pods -n kube-public -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
nginx-dp-5b9b697bcc-jtrlp 1/1 Running 0 3m19s 172.7.21.4 test-nodes1.cedarhd.com <none> <none>
[root@test-nodes1 ~]# kubectl expose deployment nginx-dp --port=80 -n kube-public
service/nginx-dp exposed
[root@test-nodes1 ~]# kubectl get svc -n kube-public #查看service資源
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 12m
[root@test-nodes1 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-5b9b697bcc-jtrlp 1/1 Running 0 5m21s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 79s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 5m21s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-5b9b697bcc 1 1 1 5m21s
[root@test-nodes1 ~]# curl 192.168.224.56
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@test-nodes1 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.1:443 nq
-> 10.3.153.221:6443 Masq 1 0 0
-> 10.3.153.222:6443 Masq 1 0 0
TCP 192.168.224.56:80 nq
-> 172.7.21.4:80 Masq 1 0 0
二、kubectl 聲明式管理方法
小結:
聲明式資源管理方法依賴於—資源配置清單(yaml\json),偏於修改POD配置。
![K8S 之 kubectl詳解]()
1、查看當前pod的資源配置清單
[root@test-nodes1 ~]# kubectl get pods -n kube-public
NAME READY STATUS RESTARTS AGE
nginx-dp-5b9b697bcc-jtrlp 1/1 Running 0 5h21m
-nodes1.cedarhd.com <none> <none>
[root@test-nodes1 ~]# kubectl get pods nginx-dp-5b9b697bcc-jtrlp -n kube-public -o yaml
apiVersion: v1
kind: Pod #類型爲pod
metadata:
creationTimestamp: "2020-02-03T07:50:11Z"
generateName: nginx-dp-5b9b697bcc-
labels:
app: nginx-dp
pod-template-hash: 5b9b697bcc
name: nginx-dp-5b9b697bcc-jtrlp
namespace: kube-public
ownerReferences:
- apiVersion: apps/v1
blockOwnerDeletion: true
controller: true
kind: ReplicaSet
name: nginx-dp-5b9b697bcc
uid: 30bbaf90-c97e-4167-9419-45a632e9b3ce
resourceVersion: "222257"
selfLink: /api/v1/namespaces/kube-public/pods/nginx-dp-5b9b697bcc-jtrlp
uid: 59d63844-8ee7-4d7e-8536-d4e5de1ba903
spec:
containers:
- image: test-harbor.cedarhd.com/public/nginx:v1.7.9
imagePullPolicy: IfNotPresent
name: nginx
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: default-token-nt4w9
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
nodeName: test-nodes1.cedarhd.com
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: default-token-nt4w9
secret:
defaultMode: 420
secretName: default-token-nt4w9
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2020-02-03T07:50:11Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2020-02-03T07:50:14Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2020-02-03T07:50:14Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2020-02-03T07:50:11Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: docker://745d5ad3412e5bccf2fb27dacce57e76987e8f6881cdb3aec79912888ba37ad6
image: test-harbor.cedarhd.com/public/nginx:v1.7.9
imageID: docker-pullable://test-harbor.cedarhd.com/public/nginx@sha256:b1f5935eb2e9e2ae89c0b3e2e148c19068d91ca502e857052f14db230443e4c2
lastState: {}
name: nginx
ready: true
restartCount: 0
state:
running:
startedAt: "2020-02-03T07:50:13Z"
hostIP: 10.3.153.221
phase: Running
podIP: 172.7.21.4
qosClass: BestEffort
startTime: "2020-02-03T07:50:11Z"
------------------------------------------------------------------------------------------
2、獲取service資源的配置清單
[root@test-nodes1 ~]# kubectl get service -n kube-public
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 5h21m
[root@test-nodes1 ~]# kubectl get service nginx-dp -o yaml -n kube-public
apiVersion: v1
kind: Service #類型爲service
metadata:
creationTimestamp: "2020-02-03T07:54:13Z"
labels:
app: nginx-dp
name: nginx-dp
namespace: kube-public
resourceVersion: "222606"
selfLink: /api/v1/namespaces/kube-public/services/nginx-dp
uid: 1b2310b5-6016-4692-b632-5c43d6dc4de5
spec:
clusterIP: 192.168.224.56
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx-dp
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
------------------------------------------------------------------------------------------
3、explain查看字段幫助說明
kubectl explain service.metadata
------------------------------------------------------------------------------------------
4、新建一個service的資源配置清單
[root@test-nodes1 ~]# vi nginx-ds-svc.yaml
apiVersion: v1
kind: Service
metadata:
labels:
app: nginx-ds
name: nginx-ds
namespace: kube-public
spec:
ports:
- port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx-ds
sessionAffinity: None
type: ClusterIP
------------------------------------------------------------------------------------------
5、通過聲明式資源配置清單創建一個service資源
[root@test-nodes1 ~]# kubectl create -f nginx-ds-svc.yaml
service/nginx-ds created
[root@test-nodes1 ~]# kubectl get service -n kube-public
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 5h29m
nginx-ds ClusterIP 192.168.66.3 <none> 80/TCP 16s
------------------------------------------------------------------------------------------
6、在線修改nginx-ds的 service 資源端口爲81
[root@test-nodes1 ~]# kubectl get svc -n kube-public
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 5h39m
nginx-ds ClusterIP 192.168.66.3 <none> 80/TCP 10m
[root@test-nodes1 ~]# kubectl edit svc nginx-ds -n kube-public
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2020-02-03T13:23:41Z"
labels:
app: nginx-ds
name: nginx-ds
namespace: kube-public
resourceVersion: "250724"
selfLink: /api/v1/namespaces/kube-public/services/nginx-ds
uid: 5840630d-e00d-4e98-91a1-2b65a1eb22f4
spec:
clusterIP: 192.168.66.3
ports:
- port: 81 #修改對外端口81
protocol: TCP
targetPort: 80
selector:
app: nginx-ds
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
"/tmp/kubectl-edit-wp634.yaml" 27L, 684C written
service/nginx-ds edited
[root@test-nodes1 ~]# kubectl get svc -n kube-public
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 5h40m
nginx-ds ClusterIP 192.168.66.3 <none> 81/TCP 10m
------------------------------------------------------------------------------------------
7、刪除一個service資源
[root@test-nodes1 ~]# kubectl delete svc nginx-ds -n kube-public
service "nginx-ds" deleted
三、關於kubectl的核心資源理解
[root@test-nodes1 ~]# kubectl get all -n kube-public
NAME READY STATUS RESTARTS AGE
pod/nginx-dp-5b9b697bcc-jtrlp 1/1 Running 0 6h1m
#pod資源,承載容器應用所在
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/nginx-dp ClusterIP 192.168.224.56 <none> 80/TCP 5h57m
#service資源,Service是Kubernetes裏最核心的資源對象之一,Service定義了一個服務的訪問入口地址,前端的應用(Pod)通過這個入口地址訪問其背後的一組由Pod副本組成的集羣實力
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-dp 1/1 1 1 6h1m
#deployment資源,Deployment同樣也是Kubernetes系統的一個核心概念,
主要職責和RC一樣的都是保證Pod的數量和健康,可理解爲pod控制器,
當我們刪除pod時,會再啓動,不是真正刪除,如需刪除該pod,必須刪除
該控制器
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-dp-5b9b697bcc 1 1 1 6h1m
四、通過kubectl單獨創建一個pod\deployment\service
1、創建一個nginx pod
[root@test-nodes1 ~]# vi nginx-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
app: web
spec:
containers:
- name: nginx
image: test-harbor.cedarhd.com/public/nginx:v1.7.9
ports:
- containerPort: 80
[root@test-nodes1 ~]# kubectl create -f nginx-pod.yaml #創建一個POD
pod/nginx created
[root@test-nodes1 ~]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx 1/1 Running 0 10m #剛剛創建的POD
pod/nginx-ds1-qg45q 1/1 Running 0 47h
pod/nginx-ds1-whnmv 1/1 Running 0 47h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 2d2h
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds1 2 2 2 2 2 <none> 47h
------------------------------------------------------------------------------------------
2、爲該pod創建一個service
[root@test-nodes1 ~]# kubectl expose pod nginx --port=80 -n default
service/nginx exposed
[root@test-nodes2 ~]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx 1/1 Running 0 14m
pod/nginx-ds1-qg45q 1/1 Running 0 47h
pod/nginx-ds1-whnmv 1/1 Running 0 47h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 2d2h
service/nginx ClusterIP 192.168.123.163 <none> 80/TCP 107s
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds1 2 2 2 2 2 <none> 47h
[root@test-nodes2 ~]# curl 192.168.123.163 獲取nginx頁面
------------------------------------------------------------------------------------------
3、創建一個deployment
[root@test-nodes2 ~]# kubectl create deployment nginx-test --image=test-harbor.cedarhd.com/public/nginx:v1.7.9
deployment.apps/nginx-test created
[root@test-nodes2 ~]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx 1/1 Running 0 27m
pod/nginx-ds1-qg45q 1/1 Running 0 47h
pod/nginx-ds1-whnmv 1/1 Running 0 47h
pod/nginx-test-5674474869-5nr7j 1/1 Running 0 4s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 2d2h
service/nginx ClusterIP 192.168.123.163 <none> 80/TCP 15m
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/nginx-ds1 2 2 2 2 2 <none> 47h
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx-test 1/1 1 1 4s
NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-test-5674474869 1 1 1 4s
