04、Kubernetes 集群功能演示(kubectl管理命令的使用)

通过一段学习,我们的Kubernetes已经部署起来,现在就开始功能的演示。
Kubectl是管理k8s集群的命令行工具,通过生成的json格式传递给apiserver进行创建、查看、管理的操作。

一、kubectl帮助信息

kubectl run --help
[root@master01 ~]# kubectl --help
kubectl controls the Kubernetes cluster manager.(kubectl控制Kubernetes集群管理器)

 Find more information at(更多信息请访问): https://kubernetes.io/docs/reference/kubectl/overview/

Basic Commands (Beginner):基本命令(初级)

create        Create a resource from a file or from stdin.(从文件或stdin创建资源)
  expose        使用 replication controller, service, deployment 或者 pod 并暴露它作为一个 新的 Kubernetes Service
  run           在集群中运行一个指定的镜像
  set           为 objects 设置一个指定的特征

Basic Commands (Intermediate):基本命令(中级)

explain 查看资源的文档
get 显示一个或更多 resources
edit 在服务器上编辑一个资源
delete Delete resources by filenames, stdin,resources and names, or by resources and label selector(按文件名、stdin、资源和名称删除资源,或按资源和标签选择器删除资源)

Deploy Commands:部署命令

rollout Manage the rollout of a resource
scale Set a new size for a Deployment, ReplicaSet or Replication Controller
autoscale 自动调整一个 Deployment, ReplicaSet, 或者 ReplicationController 的副本数量

Cluster Management Commands:集群管理命令

certificate 修改 certificate 资源.
cluster-info 显示集群信息
top Display Resource (CPU/Memory/Storage) usage.(显示资源(CPU/内存/存储)使用情况)
cordon 标记 node 为 unschedulable
uncordon 标记 node 为 schedulable
drain Drain node in preparation for maintenance(排水节点,准备维护)
taint 更新一个或者多个 node 上的 taints

Troubleshooting and Debugging Commands:故障排除和调试命令

describe 显示一个指定 resource 或者 group 的 resources 详情
logs 输出容器在 pod 中的日志
attach Attach 到一个运行中的 container
exec 在一个 container 中执行一个命令
port-forward Forward one or more local ports to a pod(将一个或多个本地端口转发到一个pod)
proxy 运行一个 proxy 到 Kubernetes API server
cp 复制 files 和 directories 到 containers 和从容器中复制 files 和 directories.
auth Inspect authorization(检查授权)

Advanced Commands:先进的命令

diff Diff live version against would-be applied version
apply 通过文件名或标准输入流(stdin)对资源进行配置
patch 使用 strategic merge patch 更新一个资源的 field(s)
replace 通过 filename 或者 stdin替换一个资源
wait Experimental: Wait for a specific condition on one or many resources.
convert 在不同的 API versions 转换配置文件
kustomize Build a kustomization target from a directory or a remote url.

Settings Commands:设置命令

label 更新在这个资源上的 labels
annotate 更新一个资源的注解
completion Output shell completion code for the specified shell (bash or zsh)

Other Commands:其他命令

alpha Commands for features in alpha
api-resources Print the supported API resources on the server
api-versions Print the supported API versions on the server, in the form of “group/version”
config 修改 kubeconfig 文件
plugin Provides utilities for interacting with plugins.
version 输出 client 和 server 的版本信息

二、项目的生命周期

创建–》发布–》更新–》回滚–》删除

1、创建kubectl run

kubectl run 命令

语法:

kubectl run NAME --image=image(镜像) [–env=“key=value”] [–port=port(端口)] [–replicas=replicas(副本)] [–dry-run=bool(测试状态)] [–overrides=inline-json(重写)] [–command(命令)] --[COMMAND] [args…] [options]

创建nginx

(1)创建nginx镜像,副本集数量为3个

[root@master01 ~]# kubectl run nginx --image=nginx:latest --port=80 --replicas=3
Flag --replicas has been deprecated, has no effect and will be removed in the future.
pod/nginx created

报错:Flag --replicas has been deprecated, has no effect and will be removed in the future.
经查询说是–replicas已弃用 ,推荐用 deployment 创建 pods

但是,这里已经提示pod/nginx created(pod/nginx已创建)应该先删除,再用yml创建。

#找到原先安装的pod的name
kubectl get pods
#删除上面语句产生的nginx
kubectl delete pods nginx

[root@master01 ~]# kubectl get pods        #找到原先安装的pod的name
NAME    READY   STATUS    RESTARTS   AGE
nginx   1/1     Running   0          34m
[root@master01 ~]# kubectl delete pods nginx    #删除上面语句产生的nginx-deploy
pod "nginx" deleted

现在已经删除了。
接下来我们把下面的yml代码复制,粘贴到vim nginx-deployment.yaml里面去。
粘贴过程中可能会代码错位,进入vim 编辑模式前输入:set paste解决缩进错乱的问题。

# API 版本号
apiVersion: apps/v1
# 类型,如:Pod/ReplicationController/Deployment/Service/Ingress
kind: Deployment
metadata:
  # Kind 的名称
  name: nginx-app
spec:
  selector:
    matchLabels:
      # 容器标签的名字,发布 Service 时,selector 需要和这里对应
      app: nginx
  # 部署的实例数量
  replicas: 2
  template:
    metadata:
      labels:
        app: nginx
    spec:
      # 配置容器,数组类型,说明可以配置多个容器
      containers:
      # 容器名称
      - name: nginx
        # 容器镜像
        image: nginx:1.17
        # 只有镜像不存在时,才会进行镜像拉取
        imagePullPolicy: IfNotPresent
        ports:
        # Pod 端口
        - containerPort: 80

然后通过kubectl apply -f nginx-deployment.yaml来创建。

[root@master01 ~]# vim nginx-deployment.yaml
[root@master01 ~]# kubectl apply -f nginx-deployment.yaml
deployment.apps/nginx-deployment created
[root@master01 ~]# kubectl get deployment
NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   2/2     2            2           34s

(2)查看创建的镜像,控制器,副本集

[root@master01 ~]# kubectl get pods,deployment,replicaset
NAME                                    READY   STATUS    RESTARTS   AGE
pod/nginx-deployment-6b474476c4-mgb8l   1/1     Running   0          7m23s
pod/nginx-deployment-6b474476c4-x2m4r   1/1     Running   0          7m23s

NAME                               READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/nginx-deployment   2/2     2            2           7m23s

NAME                                          DESIRED   CURRENT   READY   AGE
replicaset.apps/nginx-deployment-6b474476c4   2         2         2       7m23s
[root@master01 ~]#

2、发布kubectl expose

kubectl expose命令

语法:

kubectl expose (-f FILENAME | TYPE NAME) [–port=port(端口:群集之间内部通讯的端口)] [–protocol=TCP|UDP|SCTP] [–target-port=number-or-name(端口:暴露在外部的端口)] [–name=name(名称)] [–external-ip=external-ip-of-service] [–type=type(类型)] [options(选项)]

发布nginx:

(1)发布nginx,类型为deployment,对内的端口号为80,对外暴露的端口也是80,并且deployment的名称为nginx-service,其类型为NodePort

[root@master01 ~]# kubectl expose deployment nginx-deployment --port=80 --type=LoadBalancer
service/nginx-deployment exposed
[root@master01 ~]#

(2)查看资源对象,查看所有Pod列表,以及查看services服务

[root@master01 ~]# kubectl get pods,svc
NAME                                    READY   STATUS    RESTARTS   AGE
pod/nginx-deployment-6b474476c4-mgb8l   1/1     Running   0          11m
pod/nginx-deployment-6b474476c4-x2m4r   1/1     Running   0          11m

NAME                       TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
service/kubernetes         ClusterIP      10.96.0.1       <none>        443/TCP        2d8h
service/nginx-deployment   LoadBalancer   10.106.69.201   <pending>     80:32271/TCP   82s

(3)查看资源对象简写

[root@master01 ~]# kubectl api-resources
NAME                              SHORTNAMES   APIGROUP                       NAMESPACED   KIND
bindings                                                                      true         Binding
componentstatuses                 cs                                          false        ComponentStatus
configmaps                        cm                                          true         ConfigMap
endpoints                         ep                                          true         Endpoints
events                            ev                                          true         Event
limitranges                       limits                                      true         LimitRange
namespaces                        ns                                          false        Namespace
nodes                             no                                          false        Node
persistentvolumeclaims            pvc                                         true         PersistentVolumeClaim
persistentvolumes                 pv                                          false        PersistentVolume
pods                              po                                          true         Pod
podtemplates                                                                  true         PodTemplate
replicationcontrollers            rc                                          true         ReplicationController
resourcequotas                    quota                                       true         ResourceQuota
secrets                                                                       true         Secret
serviceaccounts                   sa                                          true         ServiceAccount
services                          svc                                         true         Service
mutatingwebhookconfigurations                  admissionregistration.k8s.io   false        MutatingWebhookConfiguration
validatingwebhookconfigurations                admissionregistration.k8s.io   false        ValidatingWebhookConfiguration
customresourcedefinitions         crd,crds     apiextensions.k8s.io           false        CustomResourceDefinition
apiservices                                    apiregistration.k8s.io         false        APIService
controllerrevisions                            apps                           true         ControllerRevision
daemonsets                        ds           apps                           true         DaemonSet
deployments                       deploy       apps                           true         Deployment
replicasets                       rs           apps                           true         ReplicaSet
statefulsets                      sts          apps                           true         StatefulSet
tokenreviews                                   authentication.k8s.io          false        TokenReview
localsubjectaccessreviews                      authorization.k8s.io           true         LocalSubjectAccessReview
selfsubjectaccessreviews                       authorization.k8s.io           false        SelfSubjectAccessReview
selfsubjectrulesreviews                        authorization.k8s.io           false        SelfSubjectRulesReview
subjectaccessreviews                           authorization.k8s.io           false        SubjectAccessReview
horizontalpodautoscalers          hpa          autoscaling                    true         HorizontalPodAutoscaler
cronjobs                          cj           batch                          true         CronJob
jobs                                           batch                          true         Job
certificatesigningrequests        csr          certificates.k8s.io            false        CertificateSigningRequest
leases                                         coordination.k8s.io            true         Lease
endpointslices                                 discovery.k8s.io               true         EndpointSlice
events                            ev           events.k8s.io                  true         Event
ingresses                         ing          extensions                     true         Ingress
ingressclasses                                 networking.k8s.io              false        IngressClass
ingresses                         ing          networking.k8s.io              true         Ingress
networkpolicies                   netpol       networking.k8s.io              true         NetworkPolicy
runtimeclasses                                 node.k8s.io                    false        RuntimeClass
poddisruptionbudgets              pdb          policy                         true         PodDisruptionBudget
podsecuritypolicies               psp          policy                         false        PodSecurityPolicy
clusterrolebindings                            rbac.authorization.k8s.io      false        ClusterRoleBinding
clusterroles                                   rbac.authorization.k8s.io      false        ClusterRole
rolebindings                                   rbac.authorization.k8s.io      true         RoleBinding
roles                                          rbac.authorization.k8s.io      true         Role
priorityclasses                   pc           scheduling.k8s.io              false        PriorityClass
csidrivers                                     storage.k8s.io                 false        CSIDriver
csinodes                                       storage.k8s.io                 false        CSINode
storageclasses                    sc           storage.k8s.io                 false        StorageClass
volumeattachments                              storage.k8s.io                 false        VolumeAttachment

(4)查看关联后端的节点

[root@master01 ~]# kubectl get endpoints
NAME               ENDPOINTS                     AGE
kubernetes         10.10.30.40:6443              2d8h
nginx-deployment   10.244.1.3:80,10.244.2.2:80   2m54s

(5)网络状态详细信息

[root@master01 ~]# kubectl get pods -o wide
NAME                                READY   STATUS    RESTARTS   AGE   IP           NODE     NOMINATED NODE   READINESS GATES
nginx-deployment-6b474476c4-mgb8l   1/1     Running   0          13m   10.244.1.3   work02   <none>           <none>
nginx-deployment-6b474476c4-x2m4r   1/1     Running   0          13m   10.244.2.2   work01   <none>           <none>

(6)查看服务暴露的端口

[root@master01 ~]# kubectl get svc
NAME               TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
kubernetes         ClusterIP      10.96.0.1       <none>        443/TCP        2d8h
nginx-deployment   LoadBalancer   10.106.69.201   <pending>     80:32271/TCP   3m43s

在node01操作,查看负载均衡端口32271

注意:kubernetes里kube-proxy支持三种模式,在v1.8之前我们使用的是iptables 以及 userspace两种模式,在kubernetes 1.8之后引入了ipvs模式,所以我们要实现安装一个 ipvsadm的软件包

[root@localhost ~]# yum install ipvsadm -y

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

在node02操作,同样安装ipvsadmin工具查看

[root@localhost ~]# yum install ipvsadm -y

[root@master01 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

在master1操作 查看访问日志(注意:如果访问其他node无法访问检查proxy组件

[root@master01 ~]# kubectl get pods
NAME                                READY   STATUS    RESTARTS   AGE
nginx-deployment-6b474476c4-mgb8l   1/1     Running   0          17m
nginx-deployment-6b474476c4-x2m4r   1/1     Running   0          17m

在没有访问的情况下,是没有日志的

[root@master01 ~]# kubectl logs nginx-deployment-6b474476c4-mgb8l
[root@master01 ~]# kubectl logs nginx-deployment-6b474476c4-x2m4r

去浏览器进行访问后,再去进行日志的查看

输入:http://10.10.30.40:32271/

[root@master01 ~]# kubectl logs nginx-deployment-6b474476c4-x2m4r
10.244.0.0 - - [04/Oct/2020:18:33:38 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4209.2 Safari/537.36" "-"
2020/10/04 18:33:39 [error] 6#6: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 10.244.0.0, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "10.10.30.40:32271", referrer: "http://10.10.30.40:32271/"
10.244.0.0 - - [04/Oct/2020:18:33:39 +0000] "GET /favicon.ico HTTP/1.1" 404 571 "http://10.10.30.40:32271/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4209.2 Safari/537.36" "-"

3、更新kubecl set

kubecl set命令

更新nginx 为1.14版本

(1)谷歌浏览器重新加载刷新页面查看nginx版本信息

k8s 监控集群组件 k8s 集群管理_Deployment

kubecl set命令

[root@localhost ~]# kubectl set --help
Configure application resources 

These commands help you make changes to existing application resources.

Available Commands:
  env            Update environment variables on a pod template
  image          更新一个 pod template 的镜像
  resources      在对象的 pod templates 上更新资源的 requests/limits
  selector       设置 resource 的 selector
  serviceaccount Update ServiceAccount of a resource
  subject        Update User, Group or ServiceAccount in a
RoleBinding/ClusterRoleBinding

Usage:
  kubectl set SUBCOMMAND [options]

Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all
commands).

(2)获取修改模板

[root@localhost ~]# kubectl set image --help

Examples:
  # Set a deployment's nginx container image to 'nginx:1.9.1', and its busybox
container image to 'busybox'.
  kubectl set image deployment/nginx busybox=busybox nginx=nginx:1.9.1

(3)更新

[root@localhost bin]# kubectl set image deployment/nginx nginx=nginx:1.14

deployment.extensions/nginx image updated

[root@localhost ~]# kubectl get pods -w
NAME                     READY   STATUS              RESTARTS   AGE
nginx-6ff7c89c7c-cbrth   0/1     ContainerCreating   0          14s
nginx-7697996758-d6l5w   1/1     Running             0          179m
nginx-7697996758-rtl66   1/1     Running             0          179m
nginx-7697996758-zghwr   1/1     Running             0          179m
nginx-6ff7c89c7c-cbrth   1/1   Running   0     39s
nginx-7697996758-d6l5w   1/1   Terminating   0     179m
nginx-6ff7c89c7c-fdfdv   0/1   Pending   0     0s
nginx-6ff7c89c7c-fdfdv   0/1   Pending   0     0s
nginx-6ff7c89c7c-fdfdv   0/1   ContainerCreating   0     0s
nginx-7697996758-d6l5w   0/1   Terminating   0     179m
nginx-7697996758-d6l5w   0/1   Terminating   0     179m
nginx-7697996758-d6l5w   0/1   Terminating   0     179m
nginx-6ff7c89c7c-fdfdv   1/1   Running   0     27s
nginx-7697996758-rtl66   1/1   Terminating   0     179m
nginx-6ff7c89c7c-2bfhh   0/1   Pending   0     0s
nginx-6ff7c89c7c-2bfhh   0/1   Pending   0     0s
nginx-6ff7c89c7c-2bfhh   0/1   ContainerCreating   0     0s
nginx-7697996758-rtl66   0/1   Terminating   0     179m
nginx-7697996758-rtl66   0/1   Terminating   0     3h
nginx-7697996758-rtl66   0/1   Terminating   0     3h
nginx-6ff7c89c7c-2bfhh   1/1   Running   0     17s
nginx-7697996758-zghwr   1/1   Terminating   0     3h
nginx-7697996758-zghwr   0/1   Terminating   0     3h
nginx-7697996758-zghwr   0/1   Terminating   0     3h
nginx-7697996758-zghwr   0/1   Terminating   0     3h

(4)Ctrl+c中断监听,更新速度快

[root@localhost ~]# kubectl get pods
NAME                     READY   STATUS    RESTARTS   AGE
nginx-6ff7c89c7c-2bfhh   1/1     Running   0          117s
nginx-6ff7c89c7c-cbrth   1/1     Running   0          3m3s
nginx-6ff7c89c7c-fdfdv   1/1     Running   0          2m24s

(5)再回到浏览器界面,重新加载,查看版本号

k8s 监控集群组件 k8s 集群管理_nginx_02

4、回滚kubectl rollout

kubectl rollout命令

[root@localhost ~]#  kubectl rollout --help
Manage the rollout of a resource.
  
Valid resource types include: 

  * deployments  
  * daemonsets  
  * statefulsets

Examples:
  # Rollback to the previous deployment
  kubectl rollout undo deployment/abc
  
  # Check the rollout status of a daemonset
  kubectl rollout status daemonset/foo

Available Commands:
  history     显示 rollout 历史
  pause       标记提供的 resource 为中止状态
  resume      继续一个停止的 resource
  status      显示 rollout 的状态
  undo        撤销上一次的 rollout

Usage:
  kubectl rollout SUBCOMMAND [options]

Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).

(1)查看历史版本

[root@localhost ~]# kubectl rollout history deployment/nginx
deployment.extensions/nginx 
REVISION  CHANGE-CAUSE
1     <none>
2     <none>

(2)执行回滚

[root@localhost ~]# kubectl rollout undo deployment/nginx
deployment.extensions/nginx

(3)检查回滚状态

[root@localhost ~]# kubectl rollout status deployment/nginx
Waiting for deployment "nginx" rollout to finish: 1 old replicas are pending termination...
Waiting for deployment "nginx" rollout to finish: 1 old replicas are pending termination...
deployment "nginx" successfully rolled out

(4)回到浏览器界面,重新加载,查看版本号

k8s 监控集群组件 k8s 集群管理_nginx_03

5、删除kubectl delete

kubectl delete命令

(1)删除nginx

[root@localhost ~]# kubectl get deploy     #查看deployment   
NAME   DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
nginx  3     3     3       3      3h18m

[root@localhost ~]# **kubectl delete deployment/nginx**
deployment.extensions "nginx" deleted

[root@localhost ~]# **kubectl get deploy**       **#**再查看,删除成功
No resources found.

(2)删除服务svc

[root@localhost ~]# kubectl get svc
NAME       TYPE     CLUSTER-IP  EXTERNAL-IP  PORT(S)     AGE
kubernetes    ClusterIP  10.0.0.1   <none>     443/TCP     3d10h
nginx-service  NodePort   10.0.0.121  <none>     80:37434/TCP  177m
[root@localhost ~]# kubectl delete svc/nginx-service
service "nginx-service" deleted
[root@localhost ~]# kubectl get svc
NAME     TYPE     CLUSTER-IP  EXTERNAL-IP  PORT(S)  AGE
kubernetes  ClusterIP  10.0.0.1   <none>     443/TCP  3d10h