常见api
资源对象: pod, replicaset , replicationcontroller, deployment , statefulset , daemonset,
job, cronjob ,horizontalpodautoscaling, node ,namespace, service ,ingress , label , customresourcedefinition
存储对象: vaume, persistentvoleme, secret ,configmap
策略对象: securitycontext , resourcequota,limitrange
身份对象: serviceaccount ,role, clusterrole
服务发现与负载均衡: service ingress
查看pod详细信息
[root@kubeadm-master1 namespaces]# kubectl describe pod nginx-deployment-67dfd6c8f9-5s6nz
Name: nginx-deployment-67dfd6c8f9-5s6nz
Namespace: default
Priority: 0
Node: ha2.example.local/192.168.1.214
Start Time: Thu, 21 Dec 2023 14:11:30 +0800
Labels: app=nginx
pod-template-hash=67dfd6c8f9
Annotations: <none>
Status: Running
IP: 10.100.4.9
IPs:
IP: 10.100.4.9
Controlled By: ReplicaSet/nginx-deployment-67dfd6c8f9
Containers:
nginx:
Container ID: docker://60e1219c96fd4a8a86dcd8fa92197e37607cf416393adf5ed77e79feef7d71ee
Image: nginx:1.18.0
Image ID: docker-pullable://nginx@sha256:e90ac5331fe095cea01b121a3627174b2e33e06e83720e9a934c7b8ccc9c55a0
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Fri, 22 Dec 2023 10:56:04 +0800
Last State: Terminated
Reason: Completed
Exit Code: 0
Started: Thu, 21 Dec 2023 14:11:37 +0800
Finished: Fri, 22 Dec 2023 10:55:19 +0800
Ready: True
Restart Count: 1
Environment: <none>
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-75cq9 (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
default-token-75cq9:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-75cq9
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events: <none>
k8s 基础命令,配置命令,集群管理命令
create/delete/edit/get/describe/logs/exec/scale 增删改查
explain 命令说明
Label:给node标记label,实现亲pod与node亲和性 标签管理
apply 动态管理
cluster-info/top 集群状态
node节点管理
cordon:警戒线,标记node不被调度
uncordon:取消警戒标记为cordon的node
drain:驱逐node上的pod,用于node下线等场景
taint:给node标记污点,实现反亲pod与node反亲和性
api-resources/api-versions/version api资源
config 客户端kube-config配置
yaml 文件必备内容
对象 用k8s是和什么打交道? K8s 声明式API
yaml文件 怎么打交道? 调用声明
必需字段 怎么声明?
1. apiVersion - 创建该对象所使用的 Kubernetes API 的版本
2. kind - 想要创建的对象的类型
3. metadata - 帮助识别对象唯一性的数据,包括一个 name 名称 、
可选的 namespace
4. spec
5. status(Pod创建完成后k8s自动生成status状态
yaml文件及必需字段
每个API对象都有3大类属性:元数据metadata、规范spec和状态status。
spec和status的区别:
spec是期望状态
status是实际状态
查看node详细信息
[root@kubeadm-master1 namespaces]# kubectl describe node kubeadm-master2.example.local
Name: kubeadm-master2.example.local
Roles: control-plane,master
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
kubernetes.io/arch=amd64
kubernetes.io/hostname=kubeadm-master2.example.local
kubernetes.io/os=linux
node-role.kubernetes.io/control-plane=
node-role.kubernetes.io/master=
Annotations: flannel.alpha.coreos.com/backend-data: {"VNI":1,"VtepMAC":"fe:7f:bf:96:44:99"}
flannel.alpha.coreos.com/backend-type: vxlan
flannel.alpha.coreos.com/kube-subnet-manager: true
flannel.alpha.coreos.com/public-ip: 108.181.252.210
kubeadm.alpha.kubernetes.io/cri-socket: /var/run/dockershim.sock
node.alpha.kubernetes.io/ttl: 0
volumes.kubernetes.io/controller-managed-attach-detach: true
CreationTimestamp: Wed, 20 Dec 2023 22:18:14 +0800
Taints: node-role.kubernetes.io/master:NoSchedule
Unschedulable: false
Lease:
HolderIdentity: kubeadm-master2.example.local
AcquireTime: <unset>
RenewTime: Thu, 28 Dec 2023 23:12:53 +0800
Conditions:
Type Status LastHeartbeatTime LastTransitionTime Reason Message
---- ------ ----------------- ------------------ ------ -------
NetworkUnavailable False Fri, 22 Dec 2023 00:35:46 +0800 Fri, 22 Dec 2023 00:35:46 +0800 FlannelIsUp Flannel is running on this node
MemoryPressure False Thu, 28 Dec 2023 23:08:31 +0800 Thu, 21 Dec 2023 12:37:00 +0800 KubeletHasSufficientMemory kubelet has sufficient memory available
DiskPressure False Thu, 28 Dec 2023 23:08:31 +0800 Thu, 21 Dec 2023 12:37:00 +0800 KubeletHasNoDiskPressure kubelet has no disk pressure
PIDPressure False Thu, 28 Dec 2023 23:08:31 +0800 Thu, 21 Dec 2023 12:37:00 +0800 KubeletHasSufficientPID kubelet has sufficient PID available
Ready True Thu, 28 Dec 2023 23:08:31 +0800 Thu, 21 Dec 2023 12:37:00 +0800 KubeletReady kubelet is posting ready status
Addresses:
InternalIP: 192.168.1.210
Hostname: kubeadm-master2.example.local
Capacity:
cpu: 3
ephemeral-storage: 62450Mi
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3879812Ki
pods: 110
Allocatable:
cpu: 3
ephemeral-storage: 58935213983
hugepages-1Gi: 0
hugepages-2Mi: 0
memory: 3777412Ki
pods: 110
System Info:
Machine ID: 718c8cab91d1432b95df7fe5720bc472
System UUID: 33BAD449-002B-4F38-83B2-6DE6EC2710AD
Boot ID: 9d3b25e6-14fd-454f-88a6-beac627dca20
Kernel Version: 3.10.0-1160.90.1.el7.x86_64
OS Image: CentOS Linux 7 (Core)
Operating System: linux
Architecture: amd64
Container Runtime Version: docker://19.3.15
Kubelet Version: v1.20.6
Kube-Proxy Version: v1.20.6
PodCIDR: 10.100.2.0/24
PodCIDRs: 10.100.2.0/24
Non-terminated Pods: (6 in total)
Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits AGE
--------- ---- ------------ ---------- --------------- ------------- ---
kube-flannel kube-flannel-ds-rbsnd 100m (3%) 0 (0%) 50Mi (1%) 0 (0%) 8d
kube-system etcd-kubeadm-master2.example.local 100m (3%) 0 (0%) 100Mi (2%) 0 (0%) 6d22h
kube-system kube-apiserver-kubeadm-master2.example.local 250m (8%) 0 (0%) 0 (0%) 0 (0%) 6d22h
kube-system kube-controller-manager-kubeadm-master2.example.local 200m (6%) 0 (0%) 0 (0%) 0 (0%) 6d22h
kube-system kube-proxy-89zwn 0 (0%) 0 (0%) 0 (0%) 0 (0%) 6d23h
kube-system kube-scheduler-kubeadm-master2.example.local 100m (3%) 0 (0%) 0 (0%) 0 (0%) 6d22h
Allocated resources:
(Total limits may be over 100 percent, i.e., overcommitted.)
Resource Requests Limits
-------- -------- ------
cpu 750m (25%) 0 (0%)
memory 150Mi (4%) 0 (0%)
ephemeral-storage 100Mi (0%) 0 (0%)
hugepages-1Gi 0 (0%) 0 (0%)
hugepages-2Mi 0 (0%) 0 (0%)
Events: <none>
给node打标签
[root@kubeadm-master1 namespaces]# kubectl label node ha1.example.local group=m43
node/ha1.example.local labeled
[root@kubeadm-master1 namespaces]# kubectl describe node ha1.example.local
Name: ha1.example.local
Roles: <none>
Labels: beta.kubernetes.io/arch=amd64
beta.kubernetes.io/os=linux
group=m43
可以利用yaml 文件对这些进行分组指定
kubectl top
[root@kubeadm-master1 namespaces]# kubectl top node
error: Metrics API not available
暂时没有安装插件,自行谷歌
cordon
cordon:警戒线,标记node不被调度
uncordon:取消警戒标记为cordon的node
[root@kubeadm-master1 namespaces]# kubectl get node
NAME STATUS ROLES AGE VERSION
ha1.example.local Ready <none> 8d v1.20.6
ha2.example.local Ready <none> 8d v1.20.6
kubeadm-master1.example.local Ready control-plane,master 8d v1.20.6
kubeadm-master2.example.local Ready control-plane,master 8d v1.20.6
kubeadm-master3.example.local Ready control-plane,master 8d v1.20.6
[root@kubeadm-master1 namespaces]# kubectl cordon ha1.example.local
node/ha1.example.local cordoned
[root@kubeadm-master1 namespaces]# kubectl get node
NAME STATUS ROLES AGE VERSION
ha1.example.local Ready,SchedulingDisabled <none> 8d v1.20.6
ha2.example.local Ready <none> 8d v1.20.6
kubeadm-master1.example.local Ready control-plane,master 8d v1.20.6
kubeadm-master2.example.local Ready control-plane,master 8d v1.20.6
kubeadm-master3.example.local Ready control-plane,master 8d v1.20.6
[root@kubeadm-master1 namespaces]# kubectl get node
NAME STATUS ROLES AGE VERSION
ha1.example.local Ready <none> 8d v1.20.6
ha2.example.local Ready <none> 8d v1.20.6
kubeadm-master1.example.local Ready control-plane,master 8d v1.20.6
kubeadm-master2.example.local Ready control-plane,master 8d v1.20.6
kubeadm-master3.example.local Ready control-plane,master 8d v1.20.6
一个服务器下线之前正常操作
先打上cordon 警戒线
然后驱逐pod
kubectl drain ha1.example.local --force --ignore-daemonsets
最后这个服务器可以进行下线