K8s之kubectl命令行工具經常使用命令

kubectl管理

Kubectl是管理k8s集羣的命令行工具，經過生成的json格式傳遞給apiserver進行建立、查看、管理的操做

注意：此處須要用到咱們以前部署的K8s多節點的部署環境，若是還未部署的能夠參考個人上篇文章：https://blog.csdn.net/JarryZho/article/details/104212822

經常使用命令行：

`查看幫助命令`
[root@master1 ~]# kubectl --help
kubectl controls the Kubernetes cluster manager.
Find more information at: https://kubernetes.io/docs/reference/kubectl/overview/

Basic Commands (Beginner):
  create         Create a resource from a file or from stdin.
  expose         使用 replication controller, service, deployment 或者 pod 並暴露它做爲一個 新的
Kubernetes Service
  run            在集羣中運行一個指定的鏡像
  set            爲 objects 設置一個指定的特徵

Basic Commands (Intermediate):
  explain        查看資源的文檔
  get            顯示一個或更多 resources
  edit           在服務器上編輯一個資源
  delete         Delete resources by filenames, stdin, resources and names, or by resources and label selector

Deploy Commands:
  rollout        Manage the rollout of a resource
  scale          爲 Deployment, ReplicaSet, Replication Controller 或者 Job 設置一個新的副本數量
  autoscale      自動調整一個 Deployment, ReplicaSet, 或者 ReplicationController 的副本數量

Cluster Management Commands:
  certificate    修改 certificate 資源.
  cluster-info   顯示集羣信息
  top            Display Resource (CPU/Memory/Storage) usage.
  cordon         標記 node 爲 unschedulable
  uncordon       標記 node 爲 schedulable
  drain          Drain node in preparation for maintenance
  taint          更新一個或者多個 node 上的 taints

Troubleshooting and Debugging Commands:
  describe       顯示一個指定 resource 或者 group 的 resources 詳情
  logs           輸出容器在 pod 中的日誌
  attach         Attach 到一個運行中的 container
  exec           在一個 container 中執行一個命令
  port-forward   Forward one or more local ports to a pod
  proxy          運行一個 proxy 到 Kubernetes API server
  cp             複製 files 和 directories 到 containers 和從容器中複製 files 和 directories.
  auth           Inspect authorization

Advanced Commands:
  apply          經過文件名或標準輸入流(stdin)對資源進行配置
  patch          使用 strategic merge patch 更新一個資源的 field(s)
  replace        經過 filename 或者 stdin替換一個資源
  wait           Experimental: Wait for a specific condition on one or many resources.
  convert        在不一樣的 API versions 轉換配置文件

Settings Commands:
  label          更新在這個資源上的 labels
  annotate       更新一個資源的註解
  completion     Output shell completion code for the specified shell (bash or zsh)

Other Commands:
  alpha          Commands for features in alpha
  api-resources  Print the supported API resources on the server
  api-versions   Print the supported API versions on the server, in the form of "group/version"
  config         修改 kubeconfig 文件
  plugin         Provides utilities for interacting with plugins.
  version        輸出 client 和 server 的版本信息

接下來咱們以項目的形式講其中的命令

其步驟以下：建立一>發佈一>更新一>回滾一>刪除

1.建立nginx

#語法：kubectl run NAME --image=image [--env="key=value"參數] [--port=port端口] [--replicas=replicas副本集] [--dry-run=bool狀態] [--overrides=inline-json] [--command命令] -- [COMMAND] [args...] [options]`

`示例：`
[root@master1 k8s]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx-deployment created
[root@master1 k8s]# kubectl get pods
NAME                                READY   STATUS    RESTARTS   AGE
nginx-dbddb74b8-7hdfj               1/1     Running   0          4d18h
`nginx-deployment-5477945587-2dljt   1/1     Running   0          68s`
`nginx-deployment-5477945587-tt8vx   1/1     Running   0          68s`
`nginx-deployment-5477945587-wsb69   1/1     Running   0          68s`
#最後三個就是咱們新建立的副本集

---

2.發佈nginx service提供負載均衡的功能

#語法：kubectl expose (-f FILENAME | TYPE NAME) [--port=port羣集之間內部通訊的端口] [--protocol=TCP|UDP|SCTP] [--target-port對外暴露的端口=number-or-name] [--name=name指定名稱] [--external-ip=external-ip-of-service] [--type=type指定類型] [options]

`示例：`
[root@master1 k8s]# kubectl expose deployment nginx-deployment --port=80 --target-port=80 --name=nginx-deployment-service --type=NodePort
service/nginx-deployment-service exposed

`查看發佈`
[root@master1 k8s]# kubectl get pods,svc        #此處svc位service服務組件的縮寫
NAME                                    READY   STATUS    RESTARTS   AGE
pod/nginx-dbddb74b8-7hdfj               1/1     Running   0          4d19h
pod/nginx-deployment-5477945587-2dljt   1/1     Running   0          13m
pod/nginx-deployment-5477945587-tt8vx   1/1     Running   0          13m
pod/nginx-deployment-5477945587-wsb69   1/1     Running   0          13m

NAME                    TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
service/kubernetes      ClusterIP   10.0.0.1     <none>        443/TCP        6d19h
service/nginx-service   NodePort    10.0.0.242   <none>        80:40422/TCP   111s
#此時對外暴露的端口爲40422

`查看資源對象簡寫`
[root@master1 k8s]# kubectl api-resources
NAME                              SHORTNAMES   APIGROUP                       NAMESPACED 
componentstatuses                 cs                                          false       
configmaps                        cm                                          true       
endpoints                         ep                                          true       
events                            ev                                          true       
limitranges                       limits                                      true       
namespaces                        ns                                          false       
nodes                             no                                          false       
persistentvolumeclaims            pvc                                         true       
persistentvolumes                 pv                                          false       
pods                              po                                          true      
replicationcontrollers            rc                                          true       
resourcequotas                    quota                                       true       
serviceaccounts                   sa                                          true       
services                          svc                                         true       
customresourcedefinitions         crd,crds     apiextensions.k8s.io           false       
daemonsets                        ds           apps                           true       
deployments                       deploy       apps                           true       
replicasets                       rs           apps                           true       
statefulsets                      sts          apps                           true       
horizontalpodautoscalers          hpa          autoscaling                    true       
cronjobs                          cj           batch                          true       
certificatesigningrequests        csr          certificates.k8s.io            false       
events                            ev           events.k8s.io                  true       
daemonsets                        ds           extensions                     true       
deployments                       deploy       extensions                     true       
ingresses                         ing          extensions                     true       
networkpolicies                   netpol       extensions                     true       
podsecuritypolicies               psp          extensions                     false       
replicasets                       rs           extensions                     true       
networkpolicies                   netpol       networking.k8s.io              true       
poddisruptionbudgets              pdb          policy                         true       
podsecuritypolicies               psp          policy                         false       
priorityclasses                   pc           scheduling.k8s.io              false       
storageclasses                    sc           storage.k8s.io                 false       

`查看關聯後端的節點`
[root@master1 k8s]# kubectl get endpoints
NAME                       ENDPOINTS                                      AGE
kubernetes                 192.168.18.128:6443,192.168.18.132:6443        7d4h
nginx-deployment-service   172.17.32.4:80,172.17.40.2:80,172.17.40.3:80   17s

`網絡狀態詳細信息`
[root@master1 ~]# kubectl get pods -o wide
NAME                                READY   STATUS    RESTARTS   AGE    IP            NODE             NOMINATED NODE
nginx-dbddb74b8-7hdfj               1/1     Running   0          5d5h   172.17.32.2   192.168.18.148   <none>
nginx-deployment-5477945587-2dljt   1/1     Running   0          10h    172.17.40.3   192.168.18.145   <none>
nginx-deployment-5477945587-tt8vx   1/1     Running   0          10h    172.17.40.2   192.168.18.145   <none>
nginx-deployment-5477945587-wsb69   1/1     Running   0          10h    172.17.32.4   192.168.18.148   <none>

`服務暴露的端口`
[root@master1 ~]# kubectl get svc
NAME                       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
kubernetes                 ClusterIP   10.0.0.1     <none>        443/TCP        7d5h
nginx-deployment-service   NodePort    10.0.0.50    <none>        80:48330/TCP   70m

`在node1操做，查看負載均衡端口48330`
`k8s裏kube-proxy支持三種模式，在v1.8以前咱們使用的是iptables以及userspace兩種模式，在k8s1.8以後引入了ipvs模式`
[root@node1 ~]# yum install ipvsadm -y
[root@node1 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.18.148:48330 rr
  -> 172.17.32.4:80               Masq    1      0          0
  -> 172.17.40.2:80               Masq    1      0          0
  -> 172.17.40.3:80               Masq    1      0          0
#對外提供端口48330，調度算法爲rr輪詢

`在node2操做 一樣安裝ipvsadmin工具查看`
[root@node2 ~]# yum install ipvsadm -y
[root@node2 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.18.145:48330 rr
  -> 172.17.32.4:80               Masq    1      0          0
  -> 172.17.40.2:80               Masq    1      0          0
  -> 172.17.40.3:80               Masq    1      0          0

咱們如今宿主機中使用瀏覽器訪問192.168.18.148:48330和192.168.18.145:48330均可以訪問到nginx的主頁，而後再查看日誌

`在master1操做查看訪問日誌（注意：若是訪問其餘node沒法訪問檢查proxy組件）`
[root@master1 ~]# kubectl get pods      #此時會有三個副本集
NAME                                READY   STATUS    RESTARTS   AGE
nginx-dbddb74b8-7hdfj               1/1     Running   0          5d5h
nginx-deployment-5477945587-2dljt   1/1     Running   0          10h
nginx-deployment-5477945587-tt8vx   1/1     Running   0          10h
nginx-deployment-5477945587-wsb69   1/1     Running   0          10h

`此時回頭查看訪問日誌：`
[root@master1 ~]# kubectl logs nginx-deployment-5477945587-2dljt
172.17.40.1 - - [12/Feb/2020:11:44:46 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"
172.17.40.1 - - [12/Feb/2020:11:44:46 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://192.168.18.145:48330/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"

[root@master1 ~]# kubectl logs nginx-deployment-5477945587-tt8vx

[root@master1 ~]# kubectl logs nginx-deployment-5477945587-wsb69
172.17.32.1 - - [12/Feb/2020:11:47:07 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"
172.17.32.1 - - [12/Feb/2020:11:47:07 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://192.168.18.148:48330/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.131 Safari/537.36" "-"

#此時nginx-deployment-5477945587-wsb69和nginx-deployment-5477945587-2dljt分別被訪問了nginx的主頁，說明業務已經成功發佈，並且對方用的是輪詢的方式訪問多個Pod資源

---

3.更新nginx 爲1.14版本

查看nginx版本步驟：F12打開開發者選項--》F5刷新訪問---》找到network---》點擊name---》找到headers頭部信息

[root@master1 ~]# kubectl set image deployment/nginx-deployment nginx-deployment=nginx:1.14
deployment.extensions/nginx-deployment image updated

`處於動態監聽狀態，此時能夠查看監控狀態`
[root@master1 ~]# kubectl get pods -w
NAME                                READY   STATUS              RESTARTS   AGE
nginx-6c94d899fd-8pf48              1/1     Running             0          3m54s
nginx-deployment-5477945587-2dljt   1/1     Running             0          10h
nginx-deployment-5477945587-tt8vx   1/1     Running             0          10h
nginx-deployment-5477945587-wsb69   1/1     Running             0          10h
nginx-deployment-8f66bcd89-jncdr    0/1     ContainerCreating   0          7s
#此時哦咱們能夠按Ctrl+c中斷監聽，這樣更新速度快

驗證：咱們再次重載宿主機中的nginx主頁，此時在開發者選項中看到的頭部信息裏nginx的版本更新爲了1.14.2

---

4.回滾nginx

`查看歷史版本`
[root@master1 ~]# kubectl rollout history deployment/nginx-deployment
deployment.extensions/nginx-deployment
REVISION  CHANGE-CAUSE
1         <none>    #1.17版本
2         <none>    #1.14版本

`執行回滾到上一次`
[root@master1 ~]#  kubectl rollout undo deployment/nginx-deployment
deployment.extensions/nginx-deployment

`檢查回滾狀態`
[root@master1 ~]# kubectl rollout status deployment/nginx-deployment
Waiting for deployment "nginx-deployment" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 2 out of 3 new replicas have been updated...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "nginx-deployment" rollout to finish: 1 old replicas are pending termination...
deployment "nginx-deployment" successfully rolled out
#最終顯示成功回滾

驗證：再回到宿主機的瀏覽器刷新nginx主頁，此時在頁面開發者選擇的頭部信息中看到的nginx版本就恢復到了以前的1.17.8

---

5.刪除nginx

`查看deployment`
[root@master1 ~]# kubectl get deploy
NAME               DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   3         3         3            3           11h
[root@master1 ~]# kubectl delete deployment/nginx-deployment
deployment.extensions "nginx-deployment" deleted

[root@master1 ~]# kubectl get deploy
No resources found.
[root@master1 ~]# kubectl get pods
No resources found.

`刪除服務SVC`
[root@master1 ~]# kubectl get svc
NAME                       TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
kubernetes                 ClusterIP   10.0.0.1     <none>        443/TCP        7d6h
nginx-deployment-service   NodePort    10.0.0.50    <none>        80:48330/TCP   142m
[root@master1 ~]# kubectl delete svc/nginx-deployment-service
service "nginx-deployment-service" deleted  #此步驟爲刪除步驟
[root@master1 ~]# kubectl get svc
NAME            TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
kubernetes      ClusterIP   10.0.0.1     <none>        443/TCP        7d7h

---

6.其它

`查看具體資源的詳細信息`
[root@master1 ~]# kubectl run nginx-deployment --image=nginx --port=80 --replicas=3
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.
deployment.apps/nginx-deployment created

[root@master1 ~]# kubectl get pods
NAME                                READY   STATUS    RESTARTS   AGE
nginx-6c94d899fd-8pf48              1/1     Running   0          54m
nginx-deployment-5477945587-f5dsm   1/1     Running   0          15s
nginx-deployment-5477945587-hmgd2   1/1     Running   0          15s
nginx-deployment-5477945587-pl2hn   1/1     Running   0          15s

[root@master1 ~]# kubectl describe pod nginx-deployment-5477945587-f5dsm
Name:               nginx-deployment-5477945587-f5dsm
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               192.168.18.145/192.168.18.145
Start Time:         Wed, 12 Feb 2020 21:04:40 +0800
Labels:             pod-template-hash=5477945587
                    run=nginx-deployment
Annotations:        <none>
Status:             Running
IP:                 172.17.40.2
Controlled By:      ReplicaSet/nginx-deployment-5477945587
Containers:
  nginx-deployment:
    Container ID:   docker://670cb7230f200279b2accb344766e621ab97d279c8585cc27bd4e519dac9e677
    Image:          nginx
    Image ID:       docker-pullable://nginx@sha256:ad5552c786f128e389a0263104ae39f3d3c7895579d45ae716f528185b36bc6f
    Port:           80/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Wed, 12 Feb 2020 21:04:44 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-pbr9p (ro)
Conditions:
  Type              Status
  Initialized       True
  Ready             True
  ContainersReady   True
  PodScheduled      True
Volumes:
  default-token-pbr9p:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-pbr9p
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason     Age   From                     Message
  ----    ------     ----  ----                     -------
  Normal  Scheduled  19m   default-scheduler        Successfully assigned default/nginx-deployment-5477945587-f5dsm to 192.168.18.145
  Normal  Pulling    19m   kubelet, 192.168.18.145  pulling image "nginx"
  Normal  Pulled     19m   kubelet, 192.168.18.145  Successfully pulled image "nginx"
  Normal  Created    19m   kubelet, 192.168.18.145  Created container
  Normal  Started    19m   kubelet, 192.168.18.145  Started container

`查看deployment資源`
[root@master1 ~]# kubectl describe deployment/nginx-deployment
Name:                   nginx-deployment
Namespace:              default
CreationTimestamp:      Wed, 12 Feb 2020 21:04:40 +0800
Labels:                 run=nginx-deployment
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               run=nginx-deployment
Replicas:               3 desired | 3 updated | 3 total | 3 available | 0 unavailable
StrategyType:           RollingUpdate
MinReadySeconds:        0
RollingUpdateStrategy:  25% max unavailable, 25% max surge
Pod Template:
  Labels:  run=nginx-deployment
  Containers:
   nginx-deployment:
    Image:        nginx
    Port:         80/TCP
    Host Port:    0/TCP
    Environment:  <none>
    Mounts:       <none>
  Volumes:        <none>
Conditions:
  Type           Status  Reason
  ----           ------  ------
  Available      True    MinimumReplicasAvailable
  Progressing    True    NewReplicaSetAvailable
OldReplicaSets:  <none>
NewReplicaSet:   nginx-deployment-5477945587 (3/3 replicas created)
Events:
  Type    Reason             Age   From                   Message
  ----    ------             ----  ----                   -------
  Normal  ScalingReplicaSet  21m   deployment-controller  Scaled up replica set nginx-deployment-5477945587 to 3

`進入pod`
[root@master1 ~]# kubectl exec -it nginx-deployment-5477945587-f5dsm bash
root@nginx-deployment-5477945587-f5dsm:/#

問題集錦及緣由：

`1:狀態爲NotReady`
[root@localhost bin]# kubectl get node
NAME              STATUS     ROLES    AGE     VERSION
192.168.195.150   NotReady   <none>   6d19h   v1.12.3
192.168.195.151   NotReady   <none>   6d18h   v1.12.3
#緣由: node 節點沒法鏈接apiserver
1)單節點：master節點  apiserver服務是否正常運行
systemctl restart kube-apiserver    失敗
cat /var/log/messages   日誌（第一次部署：檢查證書）
2）多節點：若是api-server運行正常
檢查：負載均衡中的VIP，檢查nginx調度 四層轉發模塊配置

`2：kubectl get pods 查詢podes資源狀態`
NAME                     READY   STATUS        RESTARTS   AGE
nginx-7697996758-jg47q   0/1     Pending       0          93s
nginx-7697996758-k967k   0/1     Pending       0          93s
nginx-7697996758-p5n8m   0/1     Pending       0          93s
沒法配置資源到node節點中進行建立（處於pending狀態）
檢查node節點中kubelet服務組件，kubeconfig配置

`3：客戶沒法訪問pods發佈的服務`
ipvsadm -L -n   負載均衡    對外提供的端口44888
#正常狀況每一個node應該是如下狀態：
TCP  192.168.195.151:44888 rr
  -> 172.17.68.2:80               Masq    1      0          0    
  -> 172.17.68.3:80               Masq    1      0          0     
  -> 172.17.86.2:80               Masq    1      0          0 
#緣由：kube-proxy組件服務