在kubernetes里,pod,service,rs,rc,deploy,resource等對象都需要使用yaml文件來創建,很多時候我們都是參照照官方示例或者一些第三方示例來編寫yaml文件以創建對象.雖然這些示例很有典型性和代表性,能夠滿足我們大部分時候的需求,然而這往往還是不夠的,根據項目不同,實際配置可能遠比官方提供的demo配置復雜的多,這就要求我們除了掌握常用的配置外,還需要對其它配置有所了解.如果有一個文檔能夠速查某一對象的所有配置,不但方便我們學習不同的配置,也可以做為一個小手冊以便我們記不起來某些配置時可以速查.
下面我們介紹一些小技巧來快速查看kubernetes api
查看所有api資源
可以通過命令kubectl api-resources來查看所有api資源
[centos@k8s-master ~]$ kubectl api-resources
NAME SHORTNAMES APIGROUP NAMESPACED KIND
bindings true Binding
componentstatuses cs false ComponentStatus
configmaps cm true ConfigMap
endpoints ep true Endpoints
events ev true Event
limitranges limits true LimitRange
namespaces ns false Namespace
nodes no false Node
persistentvolumeclaims pvc true PersistentVolumeClaim
persistentvolumes pv false PersistentVolume
pods po true Pod
podtemplates true PodTemplate
replicationcontrollers rc true ReplicationController
resourcequotas quota true ResourceQuota
secrets true Secret
serviceaccounts sa true ServiceAccount
services svc true Service
mutatingwebhookconfigurations admissionregistration.k8s.io false MutatingWebhookConfiguration
validatingwebhookconfigurations admissionregistration.k8s.io false ValidatingWebhookConfiguration
customresourcedefinitions crd,crds apiextensions.k8s.io false CustomResourceDefinition
apiservices apiregistration.k8s.io false APIService
controllerrevisions apps true ControllerRevision
daemonsets ds apps true DaemonSet
deployments deploy apps true Deployment
replicasets rs apps true ReplicaSet
statefulsets sts apps true StatefulSet
tokenreviews authentication.k8s.io false TokenReview
localsubjectaccessreviews authorization.k8s.io true LocalSubjectAccessReview
selfsubjectaccessreviews authorization.k8s.io false SelfSubjectAccessReview
selfsubjectrulesreviews authorization.k8s.io false SelfSubjectRulesReview
subjectaccessreviews authorization.k8s.io false SubjectAccessReview
horizontalpodautoscalers hpa autoscaling true HorizontalPodAutoscaler
cronjobs cj batch true CronJob
jobs batch true Job
certificatesigningrequests csr certificates.k8s.io false CertificateSigningRequest
leases coordination.k8s.io true Lease
events ev events.k8s.io true Event
daemonsets ds extensions true DaemonSet
deployments deploy extensions true Deployment
ingresses ing extensions true Ingress
networkpolicies netpol extensions true NetworkPolicy
podsecuritypolicies psp extensions false PodSecurityPolicy
replicasets rs extensions true ReplicaSet
networkpolicies netpol networking.k8s.io true NetworkPolicy
poddisruptionbudgets pdb policy true PodDisruptionBudget
podsecuritypolicies psp policy false PodSecurityPolicy
clusterrolebindings rbac.authorization.k8s.io false ClusterRoleBinding
clusterroles rbac.authorization.k8s.io false ClusterRole
rolebindings rbac.authorization.k8s.io true RoleBinding
roles rbac.authorization.k8s.io true Role
priorityclasses pc scheduling.k8s.io false PriorityClass
storageclasses sc storage.k8s.io false StorageClass
volumeattachments storage.k8s.io false VolumeAttachment
除了可以看到資源的對象名稱外,還可以看到對象的別名,這時候我們再看到別人的命令如kubectl get no這樣費解的命令時就可以知道它實際上代表的是kubectl get nodes命令
查看api的版本,很多yaml配置里都需要指定配置的資源版本,我們經常看到v1,beta1,beta2這樣的配置,到底某個資源的最新版本是什么呢?
其實,可以通過kubectl api-versions來查看api的版本
[centos@k8s-master ~]$ kubectl api-versions
admissionregistration.k8s.io/v1beta1
apiextensions.k8s.io/v1beta1
apiregistration.k8s.io/v1
apiregistration.k8s.io/v1beta1
apps/v1
apps/v1beta1
apps/v1beta2
authentication.k8s.io/v1
authentication.k8s.io/v1beta1
authorization.k8s.io/v1
authorization.k8s.io/v1beta1
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
certificates.k8s.io/v1beta1
coordination.k8s.io/v1beta1
events.k8s.io/v1beta1
extensions/v1beta1
networking.k8s.io/v1
policy/v1beta1
rbac.authorization.k8s.io/v1
rbac.authorization.k8s.io/v1beta1
scheduling.k8s.io/v1beta1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1
以上只是整體概況,很多時候我們還想要看到某個api下面都有哪些配置,某一薦配置的含義等,下面羅列一些常用的api范例和一些查看api的技巧
常見范例
通過kubectl explain查看api字段
- 通過
kubectl explain <資源名對象名>查看資源對象擁有的字段
前面說過,可以通過kubectl api-resources來查看資源名稱,如果想要查看某個資源的字段,可以通過kubectl explain <資源名對象名>來查點它都有哪些字段
[centos@k8s-master ~]$ kubectl explain pod
KIND: Pod
VERSION: v1
DESCRIPTION:
Pod is a collection of containers that can run on a host. This resource is
created by clients and scheduled onto hosts.
FIELDS:
apiVersion <string>
APIVersion defines the versioned schema of this representation of an
object. Servers should convert recognized schemas to the latest internal
value, and may reject unrecognized values. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
kind <string>
Kind is a string value representing the REST resource this object
represents. Servers may infer this from the endpoint the client submits
requests to. Cannot be updated. In CamelCase. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
metadata <Object>
Standard object's metadata. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
spec <Object>
Specification of the desired behavior of the pod. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
status <Object>
Most recently observed status of the pod. This data may not be up to date.
Populated by the system. Read-only. More info:
https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
[centos@k8s-master ~]$
以上Description是對資源對象的簡要描述,Fields則是對所有字段的描述
- 列出所有api字段
通過以上我們能感覺到,以上好像並沒有羅列出所有的api字段,實際上以上列出的僅是一級字段,一級字段可能還包含二級的,三級的字段,想要羅列出所有的字段,可以加上
--recursive來列出所有可能的字段
[centos@k8s-master ~]$ kubectl explain svc --recursive
KIND: Service
VERSION: v1
DESCRIPTION:
Service is a named abstraction of software service (for example, mysql)
consisting of local port (for example 3306) that the proxy listens on, and
the selector that determines which pods will answer requests sent through
the proxy.
FIELDS:
apiVersion <string>
kind <string>
metadata <Object>
annotations <map[string]string>
clusterName <string>
creationTimestamp <string>
deletionGracePeriodSeconds <integer>
deletionTimestamp <string>
finalizers <[]string>
generateName <string>
generation <integer>
initializers <Object>
pending <[]Object>
name <string>
result <Object>
apiVersion <string>
code <integer>
details <Object>
causes <[]Object>
field <string>
message <string>
reason <string>
group <string>
kind <string>
name <string>
retryAfterSeconds <integer>
uid <string>
kind <string>
message <string>
metadata <Object>
continue <string>
resourceVersion <string>
selfLink <string>
reason <string>
status <string>
labels <map[string]string>
name <string>
namespace <string>
ownerReferences <[]Object>
apiVersion <string>
blockOwnerDeletion <boolean>
controller <boolean>
kind <string>
name <string>
uid <string>
resourceVersion <string>
selfLink <string>
uid <string>
spec <Object>
clusterIP <string>
externalIPs <[]string>
externalName <string>
externalTrafficPolicy <string>
healthCheckNodePort <integer>
loadBalancerIP <string>
loadBalancerSourceRanges <[]string>
ports <[]Object>
name <string>
nodePort <integer>
port <integer>
protocol <string>
targetPort <string>
publishNotReadyAddresses <boolean>
selector <map[string]string>
sessionAffinity <string>
sessionAffinityConfig <Object>
clientIP <Object>
timeoutSeconds <integer>
type <string>
status <Object>
loadBalancer <Object>
ingress <[]Object>
hostname <string>
ip <string>
[centos@k8s-master ~]$
以上輸出的內容是經過格式化了的,我們可以根據縮進很容易看到某一個字段從屬於關系
查看具體字段
通過上面kubectl explain service --recursive可以看到所有的api名稱,但是以上僅僅是羅列了所有的api名稱,如果想要知道某一個api名稱的詳細信息,則可以通過kubectl explain <資源對象名稱.api名稱>的方式來查看,比如以下示例可以查看到service下的spec下的ports字段的信息
[centos@k8s-master ~]$ kubectl explain svc.spec.ports
KIND: Service
VERSION: v1
RESOURCE: ports <[]Object>
DESCRIPTION:
The list of ports that are exposed by this service. More info:
https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
ServicePort contains information on service's port.
FIELDS:
name <string>
The name of this port within the service. This must be a DNS_LABEL. All
ports within a ServiceSpec must have unique names. This maps to the 'Name'
field in EndpointPort objects. Optional if only one ServicePort is defined
on this service.
nodePort <integer>
The port on each node on which this service is exposed when type=NodePort
or LoadBalancer. Usually assigned by the system. If specified, it will be
allocated to the service if unused or else creation of the service will
fail. Default is to auto-allocate a port if the ServiceType of this Service
requires one. More info:
https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
port <integer> -required-
The port that will be exposed by this service.
protocol <string>
The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". Default
is TCP.
targetPort <string>
Number or name of the port to access on the pods targeted by the service.
Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If
this is a string, it will be looked up as a named port in the target Pod's
container ports. If this is not specified, the value of the 'port' field is
used (an identity map). This field is ignored for services with
clusterIP=None, and should be omitted or set equal to the 'port' field.
More info:
https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service