kubernetes(k8s)kubectl使⽤详解
⼀、kubectl概述
kubectl是⼀个⽤于操作kubernetes集的命令⾏接⼝,通过利⽤kubectl的各种命令可以实现各种功能。
⼆、通过kubect命令⼯具创建容器:
在minion运⾏容器(nginx):
⾓⾊IP
master/etcd192.168.10.5
node-1192.168.10.8
node-2192.168.10.9
1、检查集节点,及服务健康状态:
[root@master ~]# kubectl get node
NAME STATUS AGE
192.168.10.8 Ready 22h
192.168.10.9 Ready 21h
[root@master ~]# kubectl get cs
NAME STATUS MESSAGE ERROR
scheduler Healthy ok
controller-manager Healthy ok
etcd-0 Healthy {"health": "true"}
2、在node-1和node-2节点服务器上下载docker镜像:
[root@node-1 ~]# docker pull docker.io/nginx
[root@node-1 ~]# docker pull docker.io/tianyebj/pod-infrastructure
#这⾥需要打⼀个dhat/rhel7/pod-infrastructure:latest 的tag
[root@node-1 ~]# docker tag docker.io/tianyebj/pod-infrastructure dhat/rhel7/pod-infrastructure:latest
# 这⾥⾸先会去检查本地⽬录镜像名称,如果没有会去拉去这个镜像,所以在本地把下载好的镜像指向这个名称
[root@node-1 ~]# cat /etc/kubernetes/kubelet |grep "KUBELET_POD_INFRA_CONTAINER"
KUBELET_POD_INFRA_CONTAINER="--pod-infra-container-image=dhat/rhel7/pod-infrastructure:latest"
查看下载镜像:
[root@node-1 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest 7042885a156a 12 days ago 109 MB
docker.io/ubuntu latest 1d9c17228a9e 12 days ago 86.7 MB
docker.io/tianyebj/pod-infrastructure latest 34d3450d733b 23 months ago 205 MB
dhat/rhel7/pod-infrastructure latest 34d3450d733b 23 months ago 205 MB
3、创建⼀个容器:
语法: kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=replicas]
kubectl run 和docker run 都是来启动运⾏容器:
参数说明:
--image :指定docker运⾏的容器镜像
--env : docker环境变量
--port : 映射端⼝
--replicas :副本数
启动pod:
[root@master cgroup]# kubectl run nginx --image=docker.io/nginx --replicas=1 --port=900
deployment "nginx" created
#查看⽣成的pod,kubernetes将容器运⾏在pod中以⽅便实施卷和⽹络共享等管理
[root@master cgroup]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
nginx 1110 1m
注:使⽤docker.io/nginx镜像,--port=暴露容器端⼝ 9000 ,设置副本数1
注:如果docker.io/nginx镜像没有,那么node1和node2会⾃动在dockerhub上下载。也可以改成⾃⼰的私有仓库地址:--image= 192.168.10.5:5000/nginx:1.13
查看运⾏状态:
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-2187705812-7btdb 1/1 Running 0 50m
同时在node-1节点服务器查看容器是否运⾏:
通过describe命令查看描述信息
[root@master ~]# kubectl describe pod nginx|grep Node
Node: 192.168.10.8/192.168.10.8
[root@node-1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ce019e387cae docker.io/nginx "nginx -g 'daemon ..."43 minutes ago Up 43 minutes k8s_nginx.92d20176_nginx-2187705812-7btdb_default_e24bf824-14c
3-11e9-88ba-000c2953a750_3f14 a68ee7e56e7d dhat/rhel7/pod-infrastructure:latest "/pod"44 minutes ago Up 44 minutes k8s_POD.17af0ba2_nginx-2187705812-7btdb_default_e24bf824-14c3-11e9-88ba-000c2953a75 pods常见的状态:
I、 ContainerCreating #容器创建
注:如果这⾥pod是ContainerCreating ,检查要运⾏的容器镜像是否存在,或其他问题,通过 kubectl describe pod nginx 命令查看详细信息
II、ImagePullBackOff #从后端把镜像拉取到本地
注:如果这⾥pod没有正常运⾏,都是因为docker hub没有连接上,导致镜像没有下载成功,这时,可以在node节点上把相关镜像⼿动上传⼀下或把docker源换成阿⾥云
的。
III、terminating ['tɜ:mɪneɪtɪŋ] #终⽌。当删除pod时的状态
V、Running : 容器正在运⾏中
4、使⽤kubectl delete删除创建的对象
4.1、删除POD:
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-2187705812-7btdb 1/1 Running 0 1h
[root@master ~]# kubectl delete pod nginx-2187705812-7btdb
pod "nginx-2187705812-7btdb" deleted
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx-2187705812-qjp31 0/1 ContainerCreating 0 3s
[root@master ~]# kubectl describe pod nginx|grep Node
Node: 192.168.10.9/192.168.10.9
当我们使⽤delete删除pod时,可以看到kubectl⼜重新创建启动⼀个POD ,⽽且我们通过describe指令看到pod已经运⾏在node-2服务器上了,这是正是replicas为1的作⽤,平
台会⼀直保证有⼀个副本在运⾏
4.2、删除deployment
直接删除pod触发了replicas的确保机制,所以需要我们直接删除deployment
[root@master ~]# kubectl delete deployment nginx
deployment "nginx" deleted
[root@master ~]# kubectl get pods
No resources found.
三、使⽤yaml⽂件⽣成deployment
kubectl 常⽤命令和参数说明:
命令说明
kubectl run 运⾏⼀个pod
kubectl delete 删除⼀个POD
kubectl get 查看pod相关信息
kubectl create 创建deployment
kubectl logs 取得pod中容器的log信息
kubectl exec 在pod中执⾏⼀条命令
kubectl cp 从容器拷出或向容器拷⼊⽂件
kubectl attach Attach到⼀个运⾏中的容器上,实时查看容器消息
使⽤kubectl run在设定很复杂的需求时,需要⾮常长的⼀条语句,也很容易出错,也没法保存。所以更多场景下会使⽤yaml或者json⽂件。
1、两个node-1和node-2下载docker镜像:
[root@node-2 kubernetes]# docker pull docker.io/mysql/mysql-server
2、编写MySQL启动的yaml⽂件:
kind: Deployment #使⽤deployment创建⼀个pod资源
apiVersion: extensions/v1beta1 #api版本
metadata:
name: mysql #deployment的名称,全局唯⼀
spec:
replicas: 1 # Pod副本期待数量,1表⽰只运⾏⼀个pod,⾥⾯⼀个容器
template: #根据此模板创建Pod的副本(实例)
metadata:
labels: #符合⽬标的Pod拥有此标签。默认和name的值⼀样
name: mysql
spec:
containers: # Pod中容器的定义部分
- name: mysql #容器的名称
image: docker.io/mysql/mysql-server #获取的docker镜像
imagePullPolicy: IfNotPresent
#⽀持三种ImagePullPolicy:
# Always:不管镜像是否存在都会进⾏⼀次拉取。
# Never:不管镜像是否存在都不会进⾏拉取
# IfNotPresent:只有镜像不存在时,才会进⾏镜像拉取。
ports:
-
containerPort: 3306 #容器暴露的端⼝号
protocol: TCP
env: #注⼊到容器的环境变量
- name: MYSQL_ROOT_PASSWORD
value: "123456"
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: mysql
spec:
replicas: 1
template:
metadata:
labels:
name: mysql
spec:
containers:
- name: mysql
image: docker.io/mysql/mysql-server
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3306
protocol: TCP
env:
- name: MYSQL_ROOT_PASSWORD
value: "123456"
mysql-deployment
3、kubectl create 创建
[root@master ~]# kubectl create -f mysql-deployment.yaml
deployment "mysql" created
#使⽤get参数查看pod详细信息
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql-3013141301-2000x 1/1 Running 0 12s
[root@master ~]# kubectl get deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
mysql 1111 1m
注:当⼀个⽬录下,有多个yaml⽂件的时候,使⽤kubectl create -f ⽬录的⽅式⼀下全部创建
4、 kubectl get pod -o wide 命令
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
mysql-3013141301-2000x 1/1 Running 0 5m 10.255.18.3192.168.10.8
该参数可以查看更详细的信息,⽐如看到pod运⾏的节点服务器、IP;
在node-1上查看运⾏的容器MySQL
[root@node-1 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4cde1e00cb85 docker.io/mysql/mysql-server "/entrypoint."10 minutes ago Up 10 minutes (healthy) k8s_mysql.87212679_mysql-3013141301-2000x_default_84289d45-14dc-11e9-88ba-
10fff4f9ba9f dhat/rhel7/pod-infrastructure:latest "/pod"10 minutes ago Up 10 minutes k8s_POD.1d520ba5_mysql-3013141301-2000x_default_84289d45-14dc-11e9-88ba-000c2953 5、kubectl logs 查看pod中容器⽇志信息:
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql-3013141301-2000x 1/1 Running 0 19m
[root@master ~]# kubectl logs mysql-3013141301-2000x
[Entrypoint] MySQL Docker Image 8.0.13-1.1.8
[Entrypoint] Initializing database
2019-01-10T13:32:27.838555Z 0 [System] [MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.0.13) initializing of server in progress as process 20
2019-01-10T13:32:32.491456Z 5 [Warning] [MY-010453] [Server] root@localhost is created with an empty password ! Please consider switching off the --initialize-insecure option.
6、kubectl exec 在pod中执⾏⼀条命令
[root@master ~]# kubectl exec -it mysql-3013141301-2000x ls /
bin etc lib64 proc sys
boot healthcheckf media root tmp
dev healthcheck.sh mnt run usr
docker-entrypoint-initdb.d home mysql-init-complete sbin var
entrypoint.sh lib opt srv
#进⼊容器环境
[root@master ~]# kubectl exec -it mysql-3013141301-2000x /bin/bash
bash-4.2# ls
bin dev entrypoint.sh healthcheckf home lib64 mnt opt root sbin sys usr
boot docker-entrypoint-initdb.d etc healthcheck.sh lib media mysql-init-complete proc run srv tmp var
7、kubectl cp ⽤于从容器与物理机⽂件的拷贝
#容器需要安装tar⼆进制⽂件⽅能执⾏kuberctl cp
[root@master ~]# kubectl cp --help
Copy files and directories to and from containers.
Examples:
# Important Note
# Requires that the 'tar' binary is present in your container
# image. If 'tar'is not present, 'kubectl cp' will fail.
语法:
# Copy /tmp/foo_dir local directory to /tmp/bar_dir in a remote pod in the default namespace
kubectl cp /tmp/foo_dir <some-pod>:/tmp/bar_dir
# Copy /tmp/foo local file to /tmp/bar in a remote pod in a specific container
kubectl cp /tmp/foo <some-pod>:/tmp/bar -c <specific-container>
在容器⾥安装tar命令:
[root@master ~]# kubectl exec -it mysql-3013141301-2000x /bin/bash
bash-4.2# yum -y install tar
从容器拷贝⽂件到物理机
[root@master ~]# kubectl cp mysql-3013141301-2000x:/etc/hosts ./hosts
从物理机拷贝⽂件到容器
[root@master ~]# kubectl cp hosts mysql-3013141301-2000x:/tmp/hosts
8、kubectl attath ⽤于动态查看pod中容器⽇志信息
[root@master ~]# kubectl attach mysql-3013141301-2000x
四、使⽤kubectl管理集中deployment资源和service服务
kubectl相关命令参数如下:
kubectl edit 编辑服务器侧资源
kubectl replace 使⽤⽂件名或者标准输⼊资源
kubectl patch 部分更新资源相关信息
kubectl apply 使⽤⽂件或者标准输⼊更改配置信息
kubectl scale 重新设定Deployment/ReplicaSet/RC/Job的size
kubectl autoscale Deployment/ReplicaSet/RC的⾃动扩展设定
kubectl cordon 设定node不可使⽤
kubectl uncordon 设定node可以使⽤
kubectl drain 设定node进⼊维护模式
1、下载测试镜像:
在node-1和node-2 下载测试镜像
[root@node-2 ~]# docker pull nginx
[root@node-2 ~]# docker pull docker.io/richarvey/nginx-php-fpm
2、编写部署nginx.yaml⽂件
#部署nginx服务
[root@master ~]# cat nginx-deployment.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: nginx
spec:
replicas: 1
template:
metadata:
labels:
name: nginx
spec:
containers:
- name: nginx
image: docker.io/nginx:latest
imagePullPolicy: IfNotPresent
ports:
container容器用法- containerPort: 80
protocol: TCP
#服务端⼝映射
[root@master ~]# cat nginx-server.yaml
kind: Service
apiVersion: v1
metadata:
name: nginx
labels:
name: nginx
spec:
type: NodePort
ports:
- protocol: TCP
nodePort: 31001
targetPort: 80
port: 80
selector:
name: nginx
3、创建pod:
[root@master ~]# kubectl create -f nginx-deployment.yaml
[root@master ~]# kubectl create -f nginx-server.yaml
查看创建的server、pod
[root@master ~]# kubectl get deploy
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
mysql 1111 1h
nginx 1111 10m
[root@master ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
mysql-3013141301-2000x 1/1 Running 0 1h
nginx-1011335894-4ngml 1/1 Running 0 10m
[root@master ~]# kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1d
nginx 10.254.49.161 <nodes> 80:31001/TCP 8m
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
mysql-3013141301-2000x 1/1 Running 0 1h 10.255.18.3192.168.10.8
nginx-1011335894-4ngml 1/1 Running 0 11m 10.255.94.2192.168.10.9
通过查看以上信息,我们可以看到nginx服务在node-2上运⾏并把80端⼝映射到主机31001端⼝[root@node-2 kubernetes]# netstat -tunlp|grep 31001
tcp6 00 :::31001 :::* LISTEN 21843/kube-proxy
访问服务:
[root@master ~]# kubectl get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE
mysql-3013141301-2000x 1/1 Running 0 1h 10.255.18.3192.168.10.8
nginx-1011335894-4ngml 1/1 Running 0 11m 10.255.94.2192.168.10.9
修改默认主页
[root@master ~]# kubectl exec -it nginx-1011335894-4ngml bash
root@nginx-1011335894-4ngml:/# echo "kubernetes test 2018" > /usr/share/nginx/html/index.html
root@nginx-1011335894-4ngml:/#
4、kubectl edit ⽤于编辑服务器上的资源
例1:查看service值。 -o参数指定输出的消息为yaml类型
[root@master ~]# kubectl get service nginx -o yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: 2019-01-10T14:41:21Z
labels:
name: nginx
name: nginx
namespace: default
resourceVersion: "116573"
selfLink: /api/v1/namespaces/default/services/nginx
uid: cc4cf987-14e5-11e9-88ba-000c2953a750
spec:
clusterIP: 10.254.49.161
ports:
- nodePort: 31001
port: 80
protocol: TCP
targetPort: 80
selector:
name: nginx
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
类似vim 打开服务配置⽂件进项修改,然后保存
[root@master ~]# kubectl edit service nginx
service "nginx" edited
改:19 - nodePort: 31001
为:19 - nodePort: 31002
查看POD端⼝映射信息已经改变
[root@master ~]# kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1d
nginx 10.254.49.161 <nodes> 80:31002/TCP 23m
通过31002端⼝访问服务:
注:edit编辑的是运⾏环境的设定⽽不需要停⽌服务。
5、kubctl replace ⽤于替换,我们使⽤上个例⼦中的service的port,把它改为31003
[root@master ~]# kubectl get service nginx -o yaml > nginx_replace.yaml
查看导出⽂件并修改:
[root@master ~]# cat nginx_replace.yaml
apiVersion: v1
kind: Service
metadata:
creationTimestamp: 2019-01-10T14:41:21Z
labels:
name: nginx
name: nginx
namespace: default
resourceVersion: "118277"
selfLink: /api/v1/namespaces/default/services/nginx
uid: cc4cf987-14e5-11e9-88ba-000c2953a750
spec:
clusterIP: 10.254.49.161
ports:
- nodePort: 31003
port: 80
protocol: TCP
targetPort: 80
selector:
name: nginx
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
我们把映射端⼝改为31003,然后保存退出;使⽤replace 命令
[root@master ~]# kubectl replace -f nginx_replace.yaml
service "nginx" replaced
[root@master ~]# kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1d
nginx 10.254.49.161 <nodes> 80:31003/TCP 2h
6、kuberctl patch 当修改⼀部分设定时,使⽤patch很⽅便。⽐如:给pod换个image镜像。
给nginx容器替换⼀个⽀持php的docker镜像
[root@master ~]# kubectl patch pod nginx-1011335894-4ngml -p '{"spec":{"containers":[{"name":"nginx","image":"docker.io/richarvey/nginx-php-fpm"}]}}' "nginx-1011335894-4ngml" patched
[root@master ~]# kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.254.0.1 <none> 443/TCP 1d
nginx 10.254.49.161 <nodes> 80:31003/TCP 2h
通过浏览器访问31003端⼝:
7、kubectl apply ⽤于使⽤⽂件或者标准输⼊来更改配置信息
[root@master ~]# vim nginx-server.yaml
把 nodePort: 31001
改为 nodePort: 31004
⽤apply命令加载修改的配置:
可以见到端⼝修改的范围30000-32767
[root@master ~]# kubectl apply -f nginx-server.yaml
The Service "nginx"is invalid: spec.ports[0].nodePort: Invalid value: 8080: provided port is not in the valid range. The range of valid ports is30000-32767 [root@master ~]# vim nginx-server.yaml
[root@master ~]# kubectl apply -f nginx-server.yaml
service "nginx" configured
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论