Kubectl 語法整理

  • Exp. kubeconf 檔案存放在 /iiidevops/kube-config/config
  • kubectl --kubeconfig /iiidevops/kube-config/config get pod

  • 方法1

    kubectl config current-context

    結果:

    rkeuser@devops2:~$ kubectl config current-context
    iiidevops-k8s

  • 方法2

    kubectl config view

    結果:

    rkeuser@devops2:~$ kubectl config view
    apiVersion: v1
    clusters:
    - cluster:
        certificate-authority-data: DATA+OMITTED
        server: https://172.16.0.172:6443
      name: iiidevops-k8s
    contexts:
    - context:
        cluster: iiidevops-k8s
        user: kube-admin-iiidevops-k8s
      name: iiidevops-k8s
    current-context: iiidevops-k8s
    kind: Config
    preferences: {}
    users:
    - name: kube-admin-iiidevops-k8s
      user:
        client-certificate-data: REDACTED
        client-key-data: REDACTED

  • kubectl get pod

    Exp.

    localadmin@iiidevops-73:~$ kubectl get pod
    NAME                                  READY   STATUS    RESTARTS   AGE
    devopsapi-dbbcf7fd4-j5nv2             1/1     Running   0          36m
    devopsdb-5555449b8d-rd2z9             1/1     Running   0          37m
    devopsui-84496c7fcc-bd99r             1/1     Running   0          126m
    redmine-547cbdbbbb-wk9s6              1/1     Running   1          17h
    redmine-postgresql-6fb9475c6c-gs9gh   1/1     Running   0          17h
    sonarqube-server-6ccbf4c54f-vksmp     1/1     Running   0          17h

  • 加上 -n 參數 指定所要查詢的 namespace 內 pod 清單

    kubectl get pod -n kube-system

    Exp.

    $ kubectl get pod -n kube-system
    NAME                                      READY   STATUS      RESTARTS   AGE
    calico-kube-controllers-c955d588c-kcm7r   1/1     Running     2          36h
    calico-node-sghsm                         1/1     Running     2          36h
    :
    rke-metrics-addon-deploy-job-dhjbl        0/1     Completed   0          36h
    rke-network-plugin-deploy-job-6vzqh       0/1     Completed   0          36h

  • 加上 -A 參數可呈現所有 namespace 的 pod 清單

    kubectl get pod -A

    Exp.

    localadmin@iiidevops-hv-2:~$ kubectl get pod -A
    NAMESPACE          NAME                                       READY   STATUS      RESTARTS   AGE
    cattle-pipeline    registry-proxy-96bbj                       1/1     Running     0          40m
    cattle-system      cattle-cluster-agent-7d569b986c-57485      1/1     Running     0          145m
    :
    kube-system        rke-metrics-addon-deploy-job-tb2sn         0/1     Completed   0          146m
    kube-system        rke-network-plugin-deploy-job-pcgss        0/1     Completed   0          146m
    p-8kvwh-pipeline   docker-registry-57fbddc6cc-ch9cw           1/1     Running     0          40m
    p-8kvwh-pipeline   jenkins-f4d6b89cb-h8554                    1/1     Running     0          40m
    p-8kvwh-pipeline   minio-5ccb99b5c7-kp9lc                     1/1     Running     0          40m

  • kubectl logs [pod NAME]

    Exp.

    localadmin@iiidevops-73:~$ kubectl logs redmine-547cbdbbbb-wk9s6 | tail -20
    I, [2020-12-21T10:47:03.089762 #1]  INFO -- :   Rendered enumerations/_form.html.erb (2.8ms)
    I, [2020-12-21T10:47:03.090267 #1]  INFO -- :   Rendered enumerations/new.html.erb within layouts/admin (4.2ms)
    I, [2020-12-21T10:47:03.095432 #1]  INFO -- :   Rendered admin/_menu.html.erb (4.9ms)
    I, [2020-12-21T10:47:03.095745 #1]  INFO -- :   Rendering layouts/base.html.erb
    I, [2020-12-21T10:47:03.107140 #1]  INFO -- :   Rendered layouts/base.html.erb (11.3ms)
    I, [2020-12-21T10:47:03.107464 #1]  INFO -- : Completed 200 OK in 32ms (Views: 19.9ms | ActiveRecord: 5.8ms)
    I, [2020-12-21T10:47:05.101236 #1]  INFO -- : Started POST "/enumerations" for 10.20.0.74 at 2020-12-21 10:47:05 +0000
    I, [2020-12-21T10:47:05.102407 #1]  INFO -- : Processing by EnumerationsController#create as HTML
    I, [2020-12-21T10:47:05.102487 #1]  INFO -- :   Parameters: {"utf8"=>"✓", "authenticity_token"=>"wRaItdciacpkIjcxxxxxxxxxxrdQWdKf66WuZPq6AGAIQyK9BLeuyOlyKODKQedaCNdAoADOadTy+3UH4mTeg==", "enumeration"=>{"type"=>"IssuePriority", "name"=>"Low", "active"=>"1", "is_default"=>"0"}, "commit"=>"Create"}
    I, [2020-12-21T10:47:05.112128 #1]  INFO -- :   Current user: admin (id=1)
    I, [2020-12-21T10:47:05.192218 #1]  INFO -- : Redirected to http://10.20.0.74:32748/enumerations
    I, [2020-12-21T10:47:05.192469 #1]  INFO -- : Completed 302 Found in 90ms (ActiveRecord: 17.5ms)
    10.20.0.74 - - [21/Dec/2020:10:47:05 UTC] "POST /enumerations HTTP/1.1" 302 102
    http://10.20.0.74:32748/enumerations/new?type=IssuePriority -> /enumerations
    10.20.0.74 - - [21/Dec/2020:10:47:05 UTC] "GET /enumerations HTTP/1.1" 200 8526
    http://10.20.0.74:32748/enumerations/new?type=IssuePriority -> /enumerations
    10.20.0.74 - - [22/Dec/2020:02:21:47 UTC] "GET /users/current.json HTTP/1.1" 200 253
    - -> /users/current.json
    10.20.0.74 - - [22/Dec/2020:02:21:47 UTC] "GET /users.json?offset=0&limit=25&key=d64c31axxxxxxxxxxd085fc5825ec257b31a3ec7 HTTP/1.1" 200 230
    - -> /users.json?offset=0&limit=25&key=d64c31aff3xxxxxxxxxx5fc5825ec257b31a3ec7

  • kubectl describe pod [pod NAME]

    Exp.

    localadmin@iiidevops-71:~/deploy-devops$ kubectl describe pod devopsapi-cdccbcb48-qv4n9
    Name:         devopsapi-cdccbcb48-qv4n9
    Namespace:    default
    Priority:     0
    Node:         iiidevops-72/10.20.0.72
    Start Time:   Thu, 24 Dec 2020 06:27:37 +0000
    Labels:       app=devopsapi
                  pod-template-hash=cdccbcb48
    :
    :
      Normal   Pulling         15s (x2 over 38s)  kubelet            Pulling image "iiiorg/devops-api:develop"
      Warning  Failed          11s (x2 over 34s)  kubelet            Failed to pull image "iiiorg/devops-api:develop": rpc error: code = Unknown desc = Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit
      Warning  Failed          11s (x2 over 34s)  kubelet            Error: ErrImagePull

  • kubectl exec -it [POD Name] -- bash

    Exp.

    localadmin@iiidevops-hv-2:~$ kubectl exec -it devopsapi-74c78bb4c8-77phj -- bash
    root@devopsapi-74c78bb4c8-77phj:/usr/src/app# ls -lt
    total 76
    drwxr-xr-x 1 root root  4096 Jan 23 08:18 apis
    drwxrwxrwx 2 root root  4096 Jan 23 08:18 logs
    -rw-r--r-- 1 root root    41 Jan 22 22:15 git_commit
    -rwxr-xr-x 1 root root   435 Jan 22 22:15 Dockerfile
    -rwxr-xr-x 1 root root 11357 Jan 22 22:15 LICENSE
    -rwxr-xr-x 1 root root   878 Jan 22 22:15 README.md
    -rwxr-xr-x 1 root root  1994 Jan 22 22:15 _alembic.ini
    :
    :
    -rwxr-xr-x 1 root root  3133 Jan 22 22:15 k8s_config
    root@devopsapi-c9ddc8cdf-mrb9f:/usr/src/app#

  • 如果要進入不同 namespace 的 pod 操作就需要加上 –namespace=“xxx” 的參數 Exp.

    localadmin@iiidevops-hv-2:~$ kubectl exec -it --namespace="p-8kvwh-pipeline" minio-5ccb99b5c7-kp9lc  -- traceroute 172.17.13.183
    traceroute to 172.17.13.183 (172.17.13.183), 30 hops max, 46 byte packets
     1  172-17-13-183.kubernetes.default.svc.cluster.local (172.17.13.183)  0.007 ms  0.009 ms  0.007 ms

  • kubctl get deploy

    Exp.

    localadmin@iiidevops-73:~$ kubectl get deploy
    NAME                 READY   UP-TO-DATE   AVAILABLE   AGE
    devopsapi            1/1     1            1           17h
    devopsdb             1/1     1            1           37m
    devopsui             1/1     1            1           17h
    redmine              1/1     1            1           17h
    redmine-postgresql   1/1     1            1           17h
    sonarqube-server     1/1     1            1           17h

  • kubctl delete deploy [deploy NAME]

    Exp.

    localadmin@iiidevops-73:~$ kubectl delete deploy devopsui devopsdb devopsapi
    deployment.apps "devopsui" deleted
    deployment.apps "devopsdb" deleted
    deployment.apps "devopsapi" deleted

  • kubctl get namespace 

    Exp.

    iiidevops@iiidevops1:~$ kubectl get namespace
    NAME                   STATUS   AGE
    account                Active   49d
    cattle-pipeline        Active   6d22h
    cattle-system          Active   50d
    default                Active   50d
    iii-devops-toolchain   Active   6d22h
    ingress-nginx          Active   50d
    kube-node-lease        Active   50d
    kube-public            Active   50d
    kube-system            Active   50d
    p-pdx2d-pipeline       Active   6d22h
    security-scan          Active   50d

  • kubctl delete namespace [namespace NAME]

    Exp.

    iiidevops@iiidevops1:~$ kubectl delete namespace iii-devops-toolchain
    namespace "iii-devops-toolchain" deleted

  • kubectl get secret [secret_name]

    Exp.

    rkeuser@dev4-86:~$ kubectl get secret
    NAME                                    TYPE                                  DATA   AGE
    default-token-pssx6                     kubernetes.io/service-account-token   3      21d
    gitlab                                  Opaque                                1      21d
    harbor                                  Opaque                                1      21d
    harbor-harbor-clair                     Opaque                                3      21d
    harbor-harbor-clair-internal-tls        kubernetes.io/tls                     3      21d
    harbor-harbor-core                      Opaque                                8      21d
    :

  • 顯示 secret 的內容, 有定義那些 key

    kubectl describe secret [secret_name]

    Exp.

    rkeuser@dev4-86:~$ kubectl describe secret harbor
    Name:         harbor
    Namespace:    default
    Labels:       <none>
    Annotations:  field.cattle.io/creatorId: user-jwvbx
                  field.cattle.io/projectId: local:p-rhflt
                  lifecycle.cattle.io/create.secretsController_local: true
                  secret.user.cattle.io/secret: true
    
    Type:  Opaque
    
    Data
    ====
    harbor-local:  25 bytes

  • 顯示 secret key 的 value 編碼內容

    kubectl get secrets/<secret_name> --template={{.data.<key>}}

    Exp.

    kubectl get secrets/harbor --template={{.data.harbor-local}}

如果要直接解碼可使用 base64 -d 的方式處理 Exp.

kubectl get secrets/harbor --template={{.data.harbor-local}} | base64 -d
  • 實際 pod 的檔案存在 node 內的 /var/lib/kubelet/pods 內, 可透過以下語法獲知 pod 的目錄編號

    kubectl get pods -A -o custom-columns=NodeName:.spec.nodeName,PodName:.metadata.name,PodUID:.metadata.uid

    • 看實際範例
  • tech/kubectl.txt
  • 上一次變更: 2023/02/04 16:47
  • jonathan