kubectl是目前管理k8s集群的最强利器.所有对集群的控制和管理都可以通个kubectl进行.

通过kubectl –help查看帮助信息。 

更多信息请访问: https://kubernetes.io/docs/reference/kubectl/overview/

基本命令(初级):
  create         创建一个新的资源从一个文件或者stdin
  expose         获取replication controller,service,deployment和pod,并将其作为一个新的服务.
  
  run            在集群内运行特定镜像.
  set            在对象上设置特定功能
  run-container  在集群上运行特定镜像,已被run替代

基本命令(中级):
  get            现实一个或多个资源
  explain        资源文档
  edit           编辑服务器上的资源
  delete         按照文件名称,标准输入,资源和名称来刪除资源,还可以通过资源和标签选择器

部署命令:
  rollout        管理资源的部署
  rolling-update 执行给定的ReplicationController的滚动更新
  scale          为Deployment,ReplicaSet,Replication等控制器设置一个新的大小或者任务
  autoscale      自动扩展 Deployment, ReplicaSet, 或 ReplicationController

集群管理命令:
  certificate    修改证书资源
  cluster-info   显示集群信息
  top            显示资源 (CPU/Memory/Storage)使用情况
  cordon         将节点标记为不可调度
  uncordon       将节点标记为可调度
  drain          节点准备维护
  taint          更新一个或多个节点上的错误

故障排除与调试命令:
  describe       显示特定资源或资源组的详细信息
  logs           打印pod中容器的日志
  attach         进入正在运行的容器
  exec           在容器中执行命令
  port-forward   将一个或多个本地端口转发到pod
  proxy          运行代理到kubernetes的API Server
  cp             从容器中复制一个文件或者目录
  auth           检查授权
  
高级命令:
  apply          通过filename或stdin将配置应用到资源
  patch          更新资源的字段,通过策略合并
  replace        用filename或stdin替换资源
  convert        在不同的API版本之间转换配置文件

配置命令:
  label          为资源更新标签
  annotate       为资源更新注释
  completion     输出指定shell的shell代码(bash or zsh)

其它命令:
  api-versions   输出服务器支持的API版本
  config         修改kubeconfig配置文件
  help           查看帮助信息
  plugin         运行命令行插件
  version        打印客户端和服务端的版本信息

当然也可以通过   kubectl config –help类似命令查看子命令:

修改kubeconfig文件中的数据.

The loading order follows these rules: 

  1. If the --kubeconfig flag is set, then only that file is loaded.  The flag
may only be set once and no merging takes place.  
  2. If $KUBECONFIG environment variable is set, then it is used a list of paths
(normal path delimitting rules for your system).  These paths are merged.  When
a value is modified, it is modified in the file that defines the stanza.  When a
value is created, it is created in the first file that exists.  If no files in
the chain exist, then it creates the last file in the list.  
  3. Otherwise, ${HOME}/.kube/config is used and no merging takes place.

可用命令:
  current-context 显示当前contexts
  delete-cluster  从kubeconfig中刪除指定的集群
  delete-context  从kubeconfig中刪除指定的上下文
  get-clusters    显示kubeconfig中定义的集群
  get-contexts    描述一个或多个contexts
  rename-context  在kubeconfig中给一个context改名
  set             在kubeconfig中设置单个值
  set-cluster     在kubeconfig中设置一个集群
  set-context     在kubeconfig中设置一个context
  set-credentials 在kubeconfig中设置一个用户
  unset           取消设置
  use-context     在kubeconfig中设置current-context
  view            显示合并后的kubeconfig设置或指定kubeconfig文件

kubectl的命令可以分为三类:

1.集群访问配置:kubectl config

配置kubectl管理的kubernetes集群的配置信息,与Linux中的命令行不同的是,命令行的设置直接操控文件.

(1)kubectl config view:查看当前节点的kubeconfig配置信息.

kubernetes可以有多个集群,一个集群又可以配置无数过service,多层级有利于梳理计算机资源。

打印文件的内容,密钥数据省略.

root@VM-16-6-ubuntu:~# cat /etc/kubernetes/admin.conf 
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ...
    server: https://148.70.251.10:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: ...
    client-key-data: ...

通过kubectl config view可以查看的相同的信息.

root@VM-16-6-ubuntu:~# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: REDACTED
    server: https://148.70.251.10:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

(2)kubectl config set-cluster:添加集群

root@VM-16-6-ubuntu:~# kubectl config set-cluster k8s1 --server=https://1.2.3.4
Cluster "k8s1" set.

 查看配置文件:

root@VM-16-6-ubuntu:~# head -5 /etc/kubernetes/admin.conf 
apiVersion: v1
clusters:
- cluster:
    server: https://1.2.3.4
  name: k8s1

确认已经写入了配置文件.

root@VM-16-6-ubuntu:~# kubectl config view
apiVersion: v1
clusters:
- cluster:
    server: https://1.2.3.4
  name: k8s1
- cluster:
    certificate-authority-data: REDACTED
    server: https://148.70.251.10:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

(3)kubectl config get-clusters:查看kubeconfig中所有的cluster

root@VM-16-6-ubuntu:~# kubectl config get-clusters
NAME
k8s1
kubernetes

(4)kubectl config delete-cluster:刪除某个cluster

root@VM-16-6-ubuntu:~# kubectl config delete-cluster k8s1
deleted cluster k8s1 from /etc/kubernetes/admin.conf
root@VM-16-6-ubuntu:~# kubectl config get-clusters
NAME
kubernetes

(5)kubectl config get-context:获取所有的context

kubernetes中context类似“用户”的意思,这是多租户使用的的前提。

root@VM-16-6-ubuntu:~# kubectl config current-context
kubernetes-admin@kubernetes

(6)kubectl config set-context:添加一个context

root@VM-16-6-ubuntu:~# kubectl config set-context admin1@k8s1 --user=admin1
Context "admin1@k8s1" created.
root@VM-16-6-ubuntu:~# kubectl config get-contexts
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
          admin1@k8s1                                admin1             
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin 

(7)kubectl config delete-context:刪除一个context

root@VM-16-6-ubuntu:~# kubectl config delete-context admin1@k8s1
deleted context admin1@k8s1 from /etc/kubernetes/admin.conf
root@VM-16-6-ubuntu:~# kubectl config get-contexts
CURRENT   NAME                          CLUSTER      AUTHINFO           NAMESPACE
*         kubernetes-admin@kubernetes   kubernetes   kubernetes-admin 

(8)kubectl config current-context:查看当前所使用的context

root@VM-16-6-ubuntu:~# kubectl config current-context
kubernetes-admin@kubernetes

(9)kubectl config use-context:切换context

root@VM-16-6-ubuntu:~# kubectl config set-context admin1@k8s1 --user=admin1
Context "admin1@k8s1" created.
root@VM-16-6-ubuntu:~# kubectl config use-context admin1@k8s1
Switched to context "admin1@k8s1".
root@VM-16-6-ubuntu:~# kubectl config current-context
admin1@k8s1

(10)kubectl config set-credentials:添加一个用户

root@VM-16-6-ubuntu:~# kubectl config set-credentials admin1 --username=admin1 --password=abcd
User "admin1" set.

在kubeconfig中可以看到如下信息:

users:
- name: admin1
  user:
    password: abcd
    username: admin1

2.集群控制:kubectl create/apply/delete/label/edit/expose/scale

(1)kubectl create:创建pod

编写配置文件:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: deployment-example
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.10

集群创建以及查看:

root@VM-16-6-ubuntu:~/test# kubectl create -f nginx-deployment.yaml 
deployment.apps "deployment-example" created
root@VM-16-6-ubuntu:~/test# kubectl get pods
NAME                                 READY     STATUS              RESTARTS   AGE
deployment-example-9956dd665-prkn9   0/1       ContainerCreating   0          44s
deployment-example-9956dd665-wwbvr   0/1       ContainerCreating   0          44s
root@VM-16-6-ubuntu:~/test# kubectl get pods
NAME                                 READY     STATUS    RESTARTS   AGE
deployment-example-9956dd665-prkn9   1/1       Running   0          4m
deployment-example-9956dd665-wwbvr   1/1       Running   0          4m
#显示标签信息:
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS    RESTARTS   AGE       LABELS
deployment-example-9956dd665-prkn9   1/1       Running   0          13m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running   0          13m       app=nginx,pod-template-hash=551288221

(2)给pod打标签

root@VM-16-6-ubuntu:~/test# kubectl label pods/deployment-example-9956dd665-wwbvr status=healthy
pod "deployment-example-9956dd665-wwbvr" labeled
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS    RESTARTS   AGE       LABELS
deployment-example-9956dd665-prkn9   1/1       Running   0          14m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running   0          14m       app=nginx,pod-template-hash=551288221,status=healthy

(3)编辑pod的配置文件

root@VM-16-6-ubuntu:~/test# kubectl edit deployment/deployment-example
deployment.extensions "deployment-example" edited

这个文件属于临时文件,现在将pod中的容器数量replicas变更为4。
查看pods信息:

root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS    RESTARTS   AGE       LABELS
deployment-example-9956dd665-jpbvw   1/1       Running   0          10s       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-pmng2   1/1       Running   0          10s       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-prkn9   1/1       Running   0          17m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running   0          17m       app=nginx,pod-template-hash=551288221,status=healthy

(4)使用kubectl scale也可以操作pod的yaml文件配置

直接修改配置文件的内容,而不需要打开文件。

root@VM-16-6-ubuntu:~/test# kubectl scale --replicas=10 deployment/deployment-example
deployment.extensions "deployment-example" scaled
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS    RESTARTS   AGE       LABELS
deployment-example-9956dd665-246zt   1/1       Running   0          8s        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-424r4   1/1       Running   0          8s        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-jpbvw   1/1       Running   0          14m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-pdcff   1/1       Running   0          8s        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-pmng2   1/1       Running   0          14m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-prkn9   1/1       Running   0          32m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-rwq8t   1/1       Running   0          8s        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-tnk99   1/1       Running   0          8s        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-vsbqk   1/1       Running   0          8s        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running   0          32m       app=nginx,pod-template-hash=551288221,status=healthy

(5)通过kubectl apply恢复原始配置

root@VM-16-6-ubuntu:~/test# kubectl apply -f nginx-deployment.yaml 
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
deployment.apps "deployment-example" configured
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS        RESTARTS   AGE       LABELS
deployment-example-9956dd665-246zt   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-424r4   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-jpbvw   0/1       Terminating   0          17m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-pdcff   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-pmng2   0/1       Terminating   0          17m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-prkn9   1/1       Running       0          35m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-rwq8t   1/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-vsbqk   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running       0          35m       app=nginx,pod-template-hash=551288221,status=healthy
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS        RESTARTS   AGE       LABELS
deployment-example-9956dd665-246zt   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-jpbvw   0/1       Terminating   0          17m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-pdcff   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-prkn9   1/1       Running       0          35m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-rwq8t   0/1       Terminating   0          3m        app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running       0          35m       app=nginx,pod-template-hash=551288221,status=healthy
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS    RESTARTS   AGE       LABELS
deployment-example-9956dd665-prkn9   1/1       Running   0          35m       app=nginx,pod-template-hash=551288221
deployment-example-9956dd665-wwbvr   1/1       Running   0          35m       app=nginx,pod-template-hash=551288221,status=healthy

(6)通过kubectl delete删除pod

root@VM-16-6-ubuntu:~/test# kubectl delete -f nginx-deployment.yaml 
deployment.apps "deployment-example" deleted
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
NAME                                 READY     STATUS        RESTARTS   AGE       LABELS
deployment-example-9956dd665-prkn9   0/1       Terminating   0          37m       app=nginx,pod-template-hash=551288221
root@VM-16-6-ubuntu:~/test# kubectl get pods --show-labels
No resources found.

 

3.集群查看和问题调试:kubectl get/describe/logs/exec/attach

(1)kubectl get:获取对象的信息,可以是pod、node等

root@VM-16-6-ubuntu:~/test# kubectl get pods
NAME                                 READY     STATUS    RESTARTS   AGE
deployment-example-9956dd665-2ksc4   1/1       Running   0          10m
deployment-example-9956dd665-rdwwc   1/1       Running   0          10m
root@VM-16-6-ubuntu:~/test# kubectl get nodes
NAME             STATUS    ROLES     AGE       VERSION
vm-0-3-ubuntu    Ready     <none>    2d        v1.10.2
vm-16-6-ubuntu   Ready     master    2d        v1.10.2
vm-16-8-ubuntu   Ready     <none>    2d        v1.10.2

(2)kubeadm descrbe:查看特定资源或资源组的描述信息

root@VM-16-6-ubuntu:~/test# kubectl describe pods/deployment-example-9956dd665-rdwwc
Name:           deployment-example-9956dd665-rdwwc
Namespace:      default
Node:           vm-16-8-ubuntu/172.27.16.8
Start Time:     Fri, 21 Jun 2019 22:32:45 +0800
Labels:         app=nginx
                pod-template-hash=551288221
Annotations:    <none>
Status:         Running
IP:             192.168.20.1
Controlled By:  ReplicaSet/deployment-example-9956dd665
Containers:
  nginx:
    Container ID:   docker://dd4f3ca81bbc5e6dc56f33d3c3bdb1700212e65a6024956e2bf45fc81614ee42
    Image:          nginx:1.10
    Image ID:       docker-pullable://nginx@sha256:6202beb06ea61f44179e02ca965e8e13b961d12640101fca213efbfd145d7575
    Port:           <none>
    Host Port:      <none>
    State:          Running
      Started:      Fri, 21 Jun 2019 22:32:46 +0800
    Ready:          True
    Restart Count:  0
    Environment:    <none>
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-44qwv (ro)
Conditions:
  Type           Status
  Initialized    True 
  Ready          True 
  PodScheduled   True 
Volumes:
  default-token-44qwv:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-44qwv
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type    Reason                 Age   From                     Message
  ----    ------                 ----  ----                     -------
  Normal  Scheduled              50s   default-scheduler        Successfully assigned deployment-example-9956dd665-rdwwc to vm-16-8-ubuntu
  Normal  SuccessfulMountVolume  50s   kubelet, vm-16-8-ubuntu  MountVolume.SetUp succeeded for volume "default-token-44qwv"
  Normal  Pulled                 49s   kubelet, vm-16-8-ubuntu  Container image "nginx:1.10" already present on machine
  Normal  Created                49s   kubelet, vm-16-8-ubuntu  Created container
  Normal  Started                49s   kubelet, vm-16-8-ubuntu  Started container

(3)kubeadm exec在容器内执行命令

root@VM-16-6-ubuntu:~/test# kubectl exec deployment-example-9956dd665-rdwwc -- cat /etc/nginx/nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

(4)kubectl logs查看容器的日志输出

root@VM-16-6-ubuntu:~/test# kubectl logs pods/deployment-example-9956dd665-rdwwc

使用-f参数可以查看实时日志输出。

(5)kubectl attach进入到容器内部

root@VM-16-6-ubuntu:~/test# kubectl attach deployment-example-9956dd665-rdwwc