Shulou(Shulou.com)05/31 Report--

This article introduces you what are the skills of kubectl, the content is very detailed, interested friends can refer to, hope to be helpful to you.

Kubectl is the most important command line tool for Kubernetes. At Flant, we share the magic of Kubectl with each other on Wiki and Slack (we actually have a search engine, but that's another matter). Over the years, we have accumulated a lot of skills in kubectl, and now we want to share some of them with the community.

Let's start now.

Get Pod and nodes

I guess you know how to get Pod-- usage-- all-namepsaces-- for all the Namespace in the Kubernetes cluster. However, many friends do not know that now this switch still has the abbreviation of-A.

How do I find a Pod in a non-running state?

Kubectl get pods-A-- fieldlect selectorstatus.phasestarting running | grep-v Complete

By the way,-- field-selector is a parameter worth going a little deeper.

How to get a list of nodes and their memory capacity:

Kubectl get no-o json |\

Jq-r '.items | sort_by (.status.statity.memory) [] | [.metadata.name, .status.accounity.memory] | @ tsv'

Get a list of nodes containing the number of Pod running on each node:

Kubectl get po-o json-- all-namespaces |\

Jq '.items | group_by (.spec.nodeName) | map ({"nodeName": .[ 0] .spec.nodeName, "count": length}) | sort_by (.count)'

Sometimes DaemonSet fails to start on a node for some reason. Manual search can be a bit troublesome:

$ns=my-namespace

$pod_template=my-pod

$kubectl get node | grep-v\ "$(kubectl-n ${ns} get pod-- all-namespaces-o wide | fgrep ${pod_template} | awk'{print $8}'| xargs-n 1 echo-n"\ | "| sed's / [[: space:]] * / / g')\"

Use kubectl top to get the Pod list and sort it by the CPU or memory it consumes:

# cpu

$kubectl top pods-A | sort-- reverse-- key 3-- numeric

# memory

$kubectl top pods-A | sort-- reverse-- key 4-- numeric

Get the Pod list and sort it according to the number of restarts:

Kubectl get pods-sort-by=.status.containerStatuses [0] .restartCount

Of course, you can also sort using PodStatus and other fields of ContainerStatus.

Get other data

When you run Ingress, you often want to get the selector field of the Service object, which is used to find Pod. In the past, you had to open the Service list to accomplish this task, but now you can also use the-o wide parameter:

$kubectl-n jaeger get svc-o wide

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT (S) AGE SELECTOR

Jaeger-cassandra ClusterIP None 9042/TCP 77d app=cassandracluster,cassandracluster=jaeger-cassandra,cluster=jaeger-cassandra

How to output requests and limits of Pod:

$kubectl get pods-A-o=custom-columns='NAME:spec.containers [*] .name, MEMREQ:spec.containers [*] .resources.requests.memory, MEMLIM:spec.containers [*] .resources.requests.memory, CPUREQ:spec.containers [*] .resources.requests.cpu, CPULIM:spec.containers [*] .resources.requests. CPU'

NAME MEMREQ MEMLIM CPUREQ CPULIM

Coredns 70Mi 170Mi 100m

Coredns 70Mi 170Mi 100m

...

The kubectl run (and create, apply, patch) command has a powerful parameter-dry-run, which allows users to observe the behavior of the cluster without actually operating the cluster. If combined with-o yaml, the YAML corresponding to the command can be output:

$kubectl run test-image=grafana/grafana-dry-run-o yaml

ApiVersion: apps/v1

Kind: Deployment

Metadata:

CreationTimestamp: null

Labels:

Run: test

Name: test

Spec:

Replicas: 1

Selector:

MatchLabels:

Run: test

Simply save the output to a file and delete the useless fields.

1.18 at the beginning, kubectl run generates Pod instead of Deployment.

Gets the description list of the specified resource:

Kubectl explain hpa

KIND: HorizontalPodAutoscaler

VERSION: autoscaling/v1

DESCRIPTION:

Configuration of a horizontal pod autoscaler.

FIELDS:

ApiVersion

... The network

Get the internal IP of the cluster node:

$kubectl get nodes-o json | jq-r '.items [] .status.status []? | select (.type = = "InternalIP") | .address' |\

Paste-sd "\ n"-

9.134.14.252

Get all the Service objects and their nodePort:

$kubectl get-A svc-o json | jq-r '.items [] | [.metadata.name, ([.spec.ports [] .nodePort | tostring] | join ("|")] | @ tsv'

Kubernetes null

...

When troubleshooting CNI (such as Flannel), it is often necessary to check routes to identify the faulty Pod. Pod subnets are very useful here:

$kubectl get nodes-o jsonpath=' {.items [*] .spec.podCIDR}'| tr "\ n" fix-doc-azure-container-registry-config ✭

10.120.0.0/24

10.120.1.0/24

10.120.2.0Compact 24 Log

Output logs in a readable time format:

$kubectl logs-f fluentbit-gke-qq9w9-c fluentbit--timestamps

2020-09-10T13:10:49.822321364Z Fluent Bit v1.3.11

2020-09-10T13:10:49.822373900Z Copyright (C) Treasure Data

2020-09-10T13:10:49.822379743Z

2020-09-10T13:10:49.822383264Z [13:10:49 on 2020-09-10] [info] Configuration:

Only the tail log is output:

Kubectl logs-f fluentbit-gke-qq9w9-c fluentbit--tail=10

[2020-09-10 13:10:49] [info] _

[2020-09-10 13:10:49] [info] filters:

[2020-09-10 13:10:49] [info] parser.0

...

Output a log of all containers in a Pod:

Kubectl-n my-namespace logs-f my-pod-all-containers

Use the tag selector to output logs for multiple Pod:

Kubectl-n my-namespace logs-f-l app=nginx

Get the log of the previous container (for example, in the case of a crash):

Kubectl-n my-namespace logs my-pod-previous

Other

Copy Secret to another namespace:

Kubectl get secrets-o json-- namespace namespace-old |\

Jq '.items [] .metadata.namespace = "namespace-new"' |\

Kubectl create-f-

The following two commands generate a self-issued certificate for testing:

Openssl req-x509-nodes-days 365-newkey rsa:2048-keyout tls.key-out tls.crt-subj "/ CN=grafana.mysite.ru/O=MyOrganization"

Kubectl-n myapp create secret tls selfsecret-- key tls.key-- cert tls.crt 's skills about kubectl are shared here. I hope the above content can be of some help to you and learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.