kubelet常用命令
管理k8s核心资源的三种基本方法
陈述式管理:依赖命令行(CLI)工具管理
声明式管理:依赖统一资源配置清单(manifest)
GUI式管理 :依赖图形化操作界面(WEB界面)
- 安装docker,containerd
curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
apt update -y
apt-get -y install docker-ce containerd.io
2
3
4
5
- 安装kubeadm,kubectl
curl -fsSL https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg | apt-key add -
curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.28/deb/ /" | tee /etc/apt/sources.list.d/kubernetes.list
apt update -y
apt install -y kubectl=1.28.15-1.1 kubelet=1.28.15-1.1 kubeadm=1.28.15-1.1 ipvsadm ipset conntrack
2
3
4
5
# kubelet命令自动补全
yum install -y bash-completion
source /usr/share/bash-completion/bash_completion
source <(kubectl completion bash)
echo "source <(kubectl completion bash)" >> ~/.bashrc
2
3
4
5
ubuntu系统添加:echo 'source /usr/share/bash-completion/bash_completion' >> ~/.bashrc
# 陈述式资源管理kubectl
- 排错常用命令
kubeadm certs check-expiration
kubectl get -A
kubectl get pod -n default
kubectl get all -n traefik -owide
kubectl logs -n kube-system coredns-5775bf54c8-d4q6k
kubectl describe -n kube-system pod coredns-5775bf54c8-d4q6k
kubectl get pod -n traefik -o yaml
kubectl explain ingresses
kubectl exec -it -n traefik traefik-7l8qm /bin/sh
kubectl exec -it -n traefik traefik-7l8qm -c redis /bin/sh #进入到指定redis容器
kubectl describe secrets -n kube-system coredns-token-44fzk
kubectl get endpoints
kubectl edit -n traefik middlewares.traefik.containo.us compress
kubectl edit -n traefik middlewares.traefik.containo.us stripprefix
- 标签labels。与roles
kubectl get nodes --show-labels
kubectl label node hdss14-21.host.com node-role.kubernetes.io/master=
kubectl label node hdss14-21.host.com node-role.kubernetes.io/worker=
kubectl label node hdss14-21.host.com jenkins-slave=true #选择指定node节点运行,nodeSelector: jenkins-slave=true
kubectl get nodes --show-labels -l node-role.kubernetes.io/worker=
kubectl get pod --show-labels -n kube-system -L k8s-app #新增列,显示的时候新增k8s-app列
2
3
4
5
6
7
8
9
10
11
jenkins-slave=true 记录
spec:
containers:
........省略
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: jenkins-slave
operator: In
values:
- true
2
3
4
5
6
7
8
9
10
11
12
13
- 污点
kubectl describe nodes hdss14-21.host.com
kubectl describe nodes hdss14-21.host.com |grep -i Taints
kubectl taint nodes hdss14-21.host.com node-role.kubernetes.io/master=master:NoSchedule #添加, key=value:动作(查看帮助:kubectl taint -)
kubectl taint node hdss14-21.host.com node-role.kubernetes.io/master- #删除
2
3
4
# node节点下线
备份集群状态,备份持久化存储数据
- 查看集群节点
kubectl get nodes
- 修改节点agent-05不可调度
kubectl cordon node agent-05 ,恢复调度 uncordon
- 驱逐agent-05上的pod,正常生产业务大流量不建议直接驱逐,应该是单个pod清理部分,再驱逐
kubectl drain node agent-05,忽略错误:kubectl drain agent-05 --force --ignore-errors --ignore-daemonsets
- 删除节点,你确定删除了吗?
驱逐node上的pod,其他节点重新创建,然后从manage上删除该node,失去控制,且不可恢复
kubectl delete nodes agent-05
- 如果是rke
修改cluster.yml,然后更新配置
rke up --update-only
# helm
- helm命令补全
helm completion bash
helm completion fish
helm completion zsh
2
3
# 安装kubesphere
export KKZONE=cn
curl -sfL https://get-kk.kubesphere.io | sh -
apt install socat conntrack -y
wget https://charts.kubesphere.io/main/ks-core-1.1.4.tgz
tar xf ks-core-1.1.4.tgz
cd ks-core/
helm upgrade --install -n kubesphere-system --create-namespace ks-core ./ --debug --wait --set extension.imageRegistry=swr.cn-southwest-2.myhuaweicloud.com/ks --set global.imageRegistry=swr.cn-southwest-2.myhuaweicloud.com/ks
2
3
4
5
6
7
8
9