一、簡介
1、什么是kubectl
kubectl前面其實已經用到了一些,它其實就是用於操作kubernetes集群的命令行接口,通過kubectl的各種命令實現各種功能
2、環境還是用上一偏文章
3、架構圖
二、kubectl-創建/刪除一個pod得相關操作
run 運行-在集群上運行一個pod
create 創建-使用文件或標准輸入的方式創建一個pod
delete 刪除 -使用文件或者標准輸入以及資源名稱或者標簽選擇器來刪除某個pod
1、先導入鏡像
可以提前下載好鏡像解決時間
1)、上傳到node1/node2
docker.io-nginx.tar
pod-ingrastucture.tar
2)、導入
[root@node1 ~]# docker load -i docker.io-nginx.tar cec7521cdf36: Loading layer [==================================================>] 58.44 MB/58.44 MB 350d50e58b6c: Loading layer [==================================================>] 53.76 MB/53.76 MB 63c39cd4a775: Loading layer [==================================================>] 3.584 kB/3.584 kB Loaded image: docker.io/nginx:latest [root@node1 ~]#
2、run命令
1)語法:
kubectl run NAME --image=[--env="key=value"][--port=port][--replicas=replicas]
如果使用自己的私庫使用--image=192.168.216.52:5000/nginx:1.12
2)開始啟動
kubectl run nginx --image=docker.io/nginx --replicas=1 --port=9000
[root@master ~]# kubectl run nginx --image=docker.io/nginx --replicas=1 --port=9000 deployment "nginx" created [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-2187705812-gmktb 0/1 ContainerCreating 0 6s
3)問題1、pod狀態一直處於ContainerCreating
狀態一直是containercreating,可能鏡像有問題
[root@node4 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure Using default tag: latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
#---找不到這個文件
[root@node4 ~]# ll /etc/docker/certs.d/ total 0 drwxr-xr-x 2 root root 27 Oct 30 11:23 redhat.com drwxr-xr-x 2 root root 27 Oct 30 11:23 redhat.io drwxr-xr-x 2 root root 27 Oct 30 11:23 registry.access.redhat.com [root@node4 ~]# ll /etc/docker/certs.d/re redhat.com/ redhat.io/ registry.access.redhat.com/ [root@node4 ~]# ll /etc/docker/certs.d/re redhat.com/ redhat.io/ registry.access.redhat.com/ [root@node4 ~]# ll /etc/docker/certs.d/registry.access.redhat.com/ total 0 lrwxrwxrwx 1 root root 27 Oct 30 11:23 redhat-ca.crt -> /etc/rhsm/ca/redhat-uep.pem
#---軟鏈接的是/etc/rhsm/ca/redhat-uep.pem,但實際沒有這個文件
4)解決辦法1
[root@node1 ~]# wget http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm --2019-11-01 12:03:47-- http://mirror.centos.org/centos/7/os/x86_64/Packages/python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm Resolving mirror.centos.org (mirror.centos.org)... 160.116.15.22, 103.232.121.196, 2401:78c0::e00e Connecting to mirror.centos.org (mirror.centos.org)|160.116.15.22|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 42188 (41K) [application/x-rpm] Saving to: ‘python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm’ 100%[==========================================================================>] 42,188 70.7KB/s in 0.6s 2019-11-01 12:03:48 (70.7 KB/s) - ‘python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm’ saved [42188/42188] [root@node1 ~]# rpm2cpio python-rhsm-certificates-1.19.10-1.el7_4.x86_64.rpm | cpio -iv --to-stdout ./etc/rhsm/ca/redhat-uep.pem | tee /etc/rhsm/ca/redhat-uep.pem ./etc/rhsm/ca/redhat-uep.pem 17 blocks
[root@node1 ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure 26e5ed6899db: Pull complete 66dbe984a319: Pull complete 9138e7863e08: Pull complete Digest: sha256:92d43c37297da3ab187fc2b9e9ebfb243c1110d446c783ae1b989088495db931 Status: Downloaded newer image for registry.access.redhat.com/rhel7/pod-infrastructure:late
5)解決辦法2
運行 yum update ,這里測試上面一個方法不行,運行update恢復正常
6)在查詢pod狀態
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-2187705812-f9rs1 1/1 Running 0 1m [root@master ~]#
3、刪除操作
kubectl delete pod 名稱
kubectl delete deployment 運行指定的鏡像名稱
1)刪除pod並不能切底刪除,因為運行run命令使用了--replicas=1
[root@master ~]# kubectl delete pod nginx-2187705812-t7q3t
#只是刪除了這個鏡像,但是觸發了replicas的保護機制,所以需要刪除deployment pod "nginx-2187705812-t7q3t" deleted [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-2187705812-0vkvm 0/1 ContainerCreating 0 8s
2)刪除deployment
[root@master ~]# kubectl delete deployment nginx deployment "nginx" deleted
[root@master ~]# kubectl get pod
No resources found.
三、了解yaml語法
1、YAML的設計目標就是方便人類讀寫,它其實是一種通用的數據串行化格式
2、yaml配置文件常見單詞:
3、基本語法規則
- 大小寫敏感
- 使用縮進表示層級關系
- 縮進時不允許使用tab鍵,只允許使用空格
- 縮進的空格數目不重要,只要相同級的元素左側對齊即可
- #表示注釋,從這個字符一直到行尾,都會被解析器忽略
- 在yaml里面,連續的項目(如:數組元素、集合元素)通過減號“-”來表示,map結構里面的鍵值對(key/value)用冒號“:”來分割。
4、YAML支持三種數據結構
對象:鍵值對的集合,又稱為映射(mapping)/哈希(hashes)/字典(dictionary)
數組:一組按次序排列的值,又稱序列(sequence)/列表(list)
純量(scalars):單個的、不可再分的值
5、數據結構--對象
對象的一組鍵值對,使用冒號結構表示
1:a
yaml也允許另一種寫法,將所有鍵值對寫成一個行內對象
hash:
name:1
foo:bar
或hash:{name:1,foo:bar}
6、數組
一組連詞線開頭的行,構成一個數組
-Cat
-Dog
-Goldfish
轉為JavaScript如下
[['Cat','Dog','Goldfish']]
數組也可以采用行內表示法
animal:[Cat,Dog]
轉為javaScript如下
{animal:['Cat','Dog']}
7、復合結構
對象和數組可以結合使用,形成復合結構
格式如下:
對象 :
對象:
對象:鍵值
對象:
- 數組
- 數組
例:BAT
vim bat.yaml bat: website: baidu: http://www.baidu.com qq: http://www.qq.com ali: - http://www.taobao.com - http://www.tmall.com ceo: yanhongli: 李彥宏 huatengma: 馬化騰 yunma: 馬雲
8、純量
純量是最基本的、不可拆分的值。如:字符串、布爾值、整數、浮點數、Null、時間、日期等
例子
number:12.30
四、kuberctl create 加載yaml文件生產deployment
使用kubectl run在設定復雜需求時,需要非常長的一條語句,比較容易出錯,無法保存等缺點,所以在更多場景下都會使用yaml或者json文件
1、生成mysql-deployment.yaml文件:
這里已經自行下載mysql鏡像,沒有鏡像的小伙伴可以自行下載
docker導入鏡像
[root@node1 ~]# docker load -i docker.io-mysql-mysql-server.tar [root@node2 ~]# docker load -i docker.io-mysql-mysql-server.tar
vim mysql-deployment.yaml
這個文件可以自行創建
[root@master ~]# vim mysql-deployment.yaml kind: Deployment
#---使用Deploment創建一個pod,舊版本k8s可使用kind:ReplicationController apiVersion: extensions/v1beta1
#---api版本 metadata: name: mysql
#---deployment名稱,全局唯一 spec: replicas: 1
#---pod副本數量為1
template: metadata: labels:
#---符合目標的pod擁有此標簽,默認和name值一樣 name: mysql
#定義pod的名稱時mysql spec: containers:
#pod中容器的定義部分 - name: mysql #容器的名稱時mysql
image: docker.io/mysql/mysql-server
#容器對應的docker image鏡像 imagePullPolicy: IfNotPresent
#默認值為:imagePullPolicy:Always一直從外網,IfNotPresent如果本地又鏡像優先本地鏡像,加快啟動速度
ports:
- containerPort: 3306
protocol: TCP
#---暴露的端口和協議
env:
#---注入到容器的環境變量,這里設置root密碼
- name: MYSQL_ROOT_PASSWORD
value: "111111"
2、xxx-deployment.yaml的文件結構
通過上面配置文件可知:
Deployment 的定義
pod的定義
容器的定義
3、創建mysql資源
kubectl create -f mysql-deployment.yaml
[root@master ~]# kubectl create -f mysql-deployment.yaml deployment "mysql" created [root@master ~]# [root@master ~]# [root@master ~]# [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 14s nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]#
另外可以多個yaml文件同時創建,只需要放在同一目錄創建的時候使用目錄即可
kubectl create -f yamls/
五、使用get參數查看pod/deployment詳情
1、kubectl get pod #---查看pod狀態等信息
2、kubectl get deployment #---查看deployment狀態
3、kubectl get pod -o wide #--查看在哪台節點及此pod集群ip是多少
4、例子
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 14s nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]# kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE mysql 1 1 1 1 3m nginx 1 1 1 1 1d [root@master ~]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE mysql-1971774246-2f905 1/1 Running 0 3m 10.255.36.2 node2 nginx-2187705812-f9rs1 1/1 Running 0 1d 10.255.41.2 node1 [root@master ~]# ping 10.255.36.2 PING 10.255.36.2 (10.255.36.2) 56(84) bytes of data. 64 bytes from 10.255.36.2: icmp_seq=1 ttl=61 time=1.81 ms 64 bytes from 10.255.36.2: icmp_seq=2 ttl=61 time=1.88 ms ^C --- 10.255.36.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 1.812/1.848/1.884/0.036 ms [root@master ~]# ping 10.255.41.2 PING 10.255.41.2 (10.255.41.2) 56(84) bytes of data. 64 bytes from 10.255.41.2: icmp_seq=1 ttl=61 time=2.76 ms 64 bytes from 10.255.41.2: icmp_seq=2 ttl=61 time=0.899 ms ^C --- 10.255.41.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 0.899/1.832/2.765/0.933 ms [root@master ~]#
注意:master可以ping通pod的ip地址,因為此地址是flannel定義的網段,master、node、pod、docker、container它們之間都是使用flannel分配的地址,flannel隧道把物理上分開的主機和容器,鏈接在一個局域網中
5、get命令能夠確認的信息類別:
deployments(縮寫deploy)
events(縮寫 ev)
namespaces(縮寫 ns)
nodes(縮寫 no)
pods(縮寫 po)
replicasets(縮寫 rs)
replicationcontrollers(縮寫 rc)
services(縮寫 svc)
詳細可以查看:Find more information at ⟨https://github.com/kubernetes/kubernetes⟩.
六、describe查看k8s中詳細信息
這個命令上一章節也使用過,主要是排錯的時候
1、kubectl describe pod pod 名字
pod詳情
2、kubectl describe node node 名字
node詳情
3、kubectl describe deployment deployment 名字
deployment詳情
4、例子
[root@master ~]# kubectl get deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE mysql 1 1 1 1 16m nginx 1 1 1 1 1d [root@master ~]# kubectl describe deployment mysql Name: mysql Namespace: default CreationTimestamp: Mon, 04 Nov 2019 03:10:28 +0800 Labels: name=mysql Selector: name=mysql Replicas: 1 updated | 1 total | 1 available | 0 unavailable StrategyType: RollingUpdate MinReadySeconds: 0 RollingUpdateStrategy: 1 max unavailable, 1 max surge Conditions: Type Status Reason ---- ------ ------ Available True MinimumReplicasAvailable OldReplicaSets: <none> NewReplicaSet: mysql-1971774246 (1/1 replicas created) Events: FirstSeen LastSeen Count From SubObjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 17m 17m 1 {deployment-controller } Normal ScalingReplicaSet Scaled up replica set mysql-1971774246 to 1 [root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 17m nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]# kubectl describe pod mysql-1971774246-2f905 Name: mysql-1971774246-2f905 Namespace: default Node: node2/192.168.216.54 Start Time: Wed, 06 Nov 2019 17:11:41 +0800 Labels: name=mysql pod-template-hash=1971774246 Status: Running IP: 10.255.36.2 Controllers: ReplicaSet/mysql-1971774246 Containers: mysql: Container ID: docker://3f8834c600388a131ac91d54171e124454eace58f1d30a999c30ac42b1726767 Image: docker.io/mysql/mysql-server Image ID: docker://sha256:a3ee341faefb76c6c4c6f2a4c37c513466f5aae891ca2f3cb70fd305b822f8de Port: 3306/TCP State: Running Started: Wed, 06 Nov 2019 17:11:43 +0800 Ready: True Restart Count: 0 Volume Mounts: <none> Environment Variables: MYSQL_ROOT_PASSWORD: 111111 Conditions: Type Status Initialized True Ready True PodScheduled True No volumes. QoS Class: BestEffort Tolerations: <none> Events: FirstSeen LastSeen Count From SubObjectPath Type Reason Message --------- -------- ----- ---- ------------- -------- ------ ------- 17m 17m 1 {default-scheduler } Normal Scheduled Successfully assigned mysql-1971774246-2f905 to node2 <invalid> <invalid> 2 {kubelet node2} Warning MissingClusterDNS kubelet does not have ClusterDNS IP configured and cannot create Pod using "ClusterFirst" policy. Falling back to DNSDefault policy. <invalid> <invalid> 1 {kubelet node2} spec.containers{mysql} Normal Pulled Container image "docker.io/mysql/mysql-server" already present on machine <invalid> <invalid> 1 {kubelet node2} spec.containers{mysql} Normal Created Created container with docker id 3f8834c60038; Security:[seccomp=unconfined] <invalid> <invalid> 1 {kubelet node2} spec.containers{mysql} Normal Started Started container with docker id 3f8834c60038 [root@master ~]#
七、其他常用命令及參數
1、命令說明
logs:取得pod中容器的log信息
exec:在pod中執行一條命令
cp:從容器考出或向容器考入文件
attach:到一個運行中的容器上,實時查看容器消息
2、kubectl logs
使用此條命令取出pod中鏡像的log,也可以用於故障排錯的重要信息
[root@master ~]# kubectl get pod NAME READY STATUS RESTARTS AGE mysql-1971774246-2f905 1/1 Running 0 35m nginx-2187705812-f9rs1 1/1 Running 0 1d [root@master ~]# kubectl logs mysql-1971774246-2f905 [Entrypoint] MySQL Docker Image 5.7.20-1.1.2 [Entrypoint] Initializing database [Entrypoint] Database initialized Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it. [Entrypoint] ignoring /docker-entrypoint-initdb.d/* [Entrypoint] Server shut down [Entrypoint] MySQL init process done. Ready for start up. [Entrypoint] Starting MySQL 5.7.20-1.1.2 [root@master ~]#
3、kubectl exec
exec主要用於pod中執行命令,比如到mysql的鏡像中執行 ls
kubectl exec mysql-1971774246-2f905 ls
[root@master ~]# kubectl exec mysql-1971774246-2f905 ls bin boot dev docker-entrypoint-initdb.d entrypoint.sh etc healthcheck.cnf healthcheck.sh home lib lib64 media mnt mysql-init-complete opt proc root run sbin srv sys tmp usr var
直接登陸到pod里面的鏡像
kubectl exec -it mysql-1971774246-2f905 bash
[root@master ~]# kubectl exec -it mysql-1971774246-2f905 bash bash-4.2# ls bin docker-entrypoint-initdb.d healthcheck.cnf lib mnt proc sbin tmp boot entrypoint.sh healthcheck.sh lib64 mysql-init-complete root srv usr dev etc home media opt run sys var bash-4.2#
4、kubectl cp
比如從容器中考出hosts文件到物理機/tmp下
kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts
error: unexpected EOF
報錯通過幫助命令查看,原來需要在pod中先安裝tar庫如下:
kubectl cp --help
[root@master tmp]# kubectl cp --help Copy files and directories to and from containers. Examples: # !!!Important Note!!! # Requires that the 'tar' binary is present in your container # image. If 'tar' is not present, 'kubectl cp' will fail. # Copy /tmp/foo_dir local directory to /tmp/bar_dir in a remote pod in the default namespace kubectl cp /tmp/foo_dir <some-pod>:/tmp/bar_dir # Copy /tmp/foo local file to /tmp/bar in a remote pod in a specific container kubectl cp /tmp/foo <some-pod>:/tmp/bar -c <specific-container> # Copy /tmp/foo local file to /tmp/bar in a remote pod in namespace <some-namespace> kubectl cp /tmp/foo <some-namespace>/<some-pod>:/tmp/bar # Copy /tmp/foo from a remote pod to /tmp/bar locally kubectl cp <some-namespace>/<some-pod>:/tmp/foo /tmp/bar Options: -c, --container='': Container name. If omitted, the first container in the pod will be chosen Usage: kubectl cp <file-spec-src> <file-spec-dest> [options] Use "kubectl options" for a list of global command-line options (applies to all commands). [root@master tmp]#
看到# Requires that the 'tar' binary is present in your container
進入pod安裝tar
kubectl exec -it mysql-1971774246-2f905 bash
yum install tar -y
exit
執行cp命令
kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts
[root@master ~]# kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts error: unexpected EOF [root@master ~]# kubectl exec -it mysql-1971774246-2f905 bash bash-4.2# yum install tar -y Loaded plugins: ovl ol7_UEKR4 | 2.5 kB 00:00 ol7_latest | 2.7 kB 00:00 (1/5): ol7_UEKR4/x86_64/updateinfo | 79 kB 00:04 (2/5): ol7_latest/x86_64/group | 810 kB 00:04 (3/5): ol7_UEKR4/x86_64/primary_db | 4.0 MB 00:06 (4/5): ol7_latest/x86_64/updateinfo | 2.6 MB 00:05 (5/5): ol7_latest/x86_64/primary_db | 22 MB 00:09 Resolving Dependencies --> Running transaction check ---> Package tar.x86_64 2:1.26-35.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: tar x86_64 2:1.26-35.el7 ol7_latest 845 k Transaction Summary ================================================================================ Install 1 Package Total download size: 845 k Installed size: 2.7 M Downloading packages: tar-1.26-35.el7.x86_64.rpm | 845 kB 00:02 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : 2:tar-1.26-35.el7.x86_64 1/1 Verifying : 2:tar-1.26-35.el7.x86_64 1/1 Installed: tar.x86_64 2:1.26-35.el7 Complete! bash-4.2# exit exit [root@master ~]# kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts tar: Removing leading `/' from member names [root@master ~]# kubectl cp mysql-1971774246-2f905:/etc/hosts /tmp/hosts tar: Removing leading `/' from member names [root@master ~]# cd /tmp [root@master tmp]# ll total 1168 -rw-r--r-- 1 root root 218 Nov 4 03:58 hosts srwx------ 1 mongod mongod 0 Oct 29 15:57 mongodb-27017.sock
5、kubectl attach
主要用於取得pod中容器的實時信息,可以持續不斷實時取出消息,類似tail -f /var/log/messages動態查看日志的作用
kubectl attach mysql-1971774246-2f905
[root@master tmp]# kubectl attach mysql-1971774246-2f905 If you don't see a command prompt, try pressing enter. [Entrypoint] MySQL Docker Image 5.7.20-1.1.2 [Entrypoint] Initializing database [Entrypoint] Database initialized Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it. Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it. [Entrypoint] ignoring /docker-entrypoint-initdb.d/* [Entrypoint] Server shut down [Entrypoint] MySQL init process done. Ready for start up. [Entrypoint] Starting MySQL 5.7.20-1.1.2
參考:mk老師講的kubernetes內容
轉載請注明出處:https://www.cnblogs.com/zhangxingeng/p/11764655.html
kuberneste系列文章: