k8s常用命令

節(jié)點(diǎn)加入集群生成新的token:

kubeadm token create --print-join-command

查詢資源的描述信息，也就是yaml的字段意思(這里以deployment為例子)：
kubectl explain deployment
kubectl explain deployment.spc

1.命名空間 namespace /ns

方式：1

創(chuàng)建：kubectl create ns hello-ns
刪除：kubectl delete ns hello-ns
查詢：kubectl get ns

方式2：萬能通用方式：通過yaml模板創(chuàng)建 : 創(chuàng)建ns-ceate.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: hello

創(chuàng)建： kubectl apply -f ns-create.yaml
刪除：kubectl delete -f ns-create.yaml

2.pod相關(guān)命令

方式1：命令行創(chuàng)建

創(chuàng)建：kubectl run nginx --image=nginx
查看：kubectl get pods -A -o wide
查詢詳情：kubectl describe pod pod名稱
刪除： kubectl delete pod nginx
查詢?nèi)萜魅罩荆?kubectl logs -c 容器名稱 pod名稱 
進(jìn)入pod的某個(gè)容器：kubectl exec -it pod名稱 -c 容器名稱 -- 命令：如  kubectl exec -it nginx -c nginx -- /bin/bash

方式2：萬能方式：創(chuàng)建：kubectl apply -f xxx.yaml 刪除 kubectl delete -f xxx.yaml

apiVersion: v1
kind: Pod
metadata:
  name: nignx_tomcat
  labels:
    app: nignx_tomcat
  namespace: hello
spec:
  containers:
    - name: nginx
      image: nginx
      imagePullPolicy: IfNotPresent
    - name: tomcat
      image: tomcat:8.5.68
      imagePullPolicy: IfNotPresent
  restartPolicy: Always

3.deployment部署相關(guān)

方式1.：

創(chuàng)建部署 kubectl -n hello create deploy my-first-deploy --image=nginx --replicas=3
刪除部署：kubectl delete deploy my-first-deploy -n hello
擴(kuò)容和縮容：kubectl scale deploy --current-replicas=3 --replicas=4 my-first-deploy -n hello
滾動(dòng)更新：kubectl set image deploy mydeployment ngnix-deplyment=nginx:1.9.1 -n hello
查詢滾動(dòng)更新的狀態(tài)： kubectl rollout status deploy mydeployment -n hello
查詢滾動(dòng)更新的歷史記錄： kubectl rollout history deploy mydeployment -n hello
回滾到某一個(gè)版本： kubectl rollout undo deployment mydeployment --to-revision=1 -n hello

方式2：萬能方式：創(chuàng)建：kubectl apply -f xxx.yaml 刪除 kubectl delete -f xxx.yaml 擴(kuò)容縮容 kubectl edit deployment xxx -n hello

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mydeployment
  namespace: hello
  labels:
    app: mydeployment
spec:
  replicas: 3
  template:
    metadata:
      name: mydeply
      labels:
        app: mydeply
    spec:
      containers:
        - name: ngnix-deplyment
          image: nginx
          imagePullPolicy: IfNotPresent
        - name: tomcat-deplayment
          image: tomcat:8.5.68
          imagePullPolicy: IfNotPresent
      restartPolicy: Always
  selector:
    matchLabels:
      app: mydeply

　3.服務(wù)service的創(chuàng)建

方式1.通過命令行方式創(chuàng)建：

創(chuàng)建service: 將一個(gè)deployment暴露成一組服務(wù)
1.默認(rèn)模式基于clusterIp
   先查詢deployment的標(biāo)簽
   kubectl get deploy --show-labels -A
   找到對應(yīng)的標(biāo)簽名稱開始創(chuàng)建(-n hello表示命名空間為hello)：
   kubectl expose deployment my-nginx --port=8088 --target-port=80 --type=ClusterIp -n hello
   集群內(nèi)才能訪問(查詢服務(wù)的IP) 
   kubectl get svc -n hello
   最后訪問：http://服務(wù)的ip:8088
   其他pod內(nèi)部訪問：服務(wù)名稱.命名空間:8088 如這里的是 http://my-nginx.hello:8088
2. 基于NodePort (比clusterIp方式多了一種訪問方式節(jié)點(diǎn)Ip:端口)
   創(chuàng)建方式：kubectl expose deployment my-nginx --port=8088 --target-port=80 --type=NodePort -n hello

方式2.萬能公式，通過yaml模式創(chuàng)建 kubectl apply -f xxx.yaml 刪除 kubectl delete -f xxx.yaml

apiVersion: v1
kind: Service
metadata:
  name: hello-service
  namespace: hello
spec:
  selector:
    app: mydeply     #這里的標(biāo)簽要跟deployment中的pod標(biāo)簽對應(yīng)而不是跟deployment的標(biāo)簽對應(yīng)，可以過kubectl get pod --show-labels -A 查詢pod的標(biāo)簽
  ports:
    - port: 8089
      targetPort: 80
      nodePort: 30033
  type: NodePort

4. ingress: 可以根據(jù)域名來對服務(wù)進(jìn)行轉(zhuǎn)發(fā) 下載進(jìn)行安裝： wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.47.0/deploy/static/provider/baremetal/deploy.yaml

ingress也是一個(gè)服務(wù)，通過NodePort方式暴露，我這里暴露的短點(diǎn)是32721

將服務(wù)暴露成ingress服務(wù)：

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hello-ingress
  namespace: hello
  annotations:
    nginx.ingress.kubernetes.io/limit-rps: "1" #限流
spec:
  ingressClassName: nginx
  rules:
    - host: "hello.shop.com"
      http:
        paths:
          - path: "/"
            pathType: Prefix
            backend:
              service:
                name: hello-service
                port:
                  number: 8089
    - host: "hello.tom.com"
      http:
        paths:
          - path: "/kk"
            pathType: Prefix
            backend:
              service:
                name: tomcat-service
                port:
                  number: 8077  #如果service是使用NodePort方式，這里用的是集群內(nèi)部的那個(gè)端口

上面例子：在windows配置域名跟linux其中一臺(tái)服務(wù)器進(jìn)行映射：

之后在windows中訪問 http://hello.shop.com:32721 就可以訪問到hello-service對應(yīng)的pod了，訪問http://hello.tom.com:32721/kk就可以訪問到tomcat-service對應(yīng)的pod了

查詢ingress服務(wù)：

容易錯(cuò)的地方：service /deployment/pod/ingress要用相同的命名空間

4.存儲(chǔ)

a: nfs存儲(chǔ)：原理

#所有機(jī)器安裝
yum install -y nfs-utils

#nfs主節(jié)點(diǎn)
echo "/nfs/data/ *(insecure,rw,sync,no_root_squash)" > /etc/exports

mkdir -p /nfs/data
systemctl enable rpcbind --now
systemctl enable nfs-server --now
#配置生效
exportfs -r

#nfs從節(jié)點(diǎn)
showmount -e 172.31.0.4

#執(zhí)行以下命令掛載 nfs 服務(wù)器上的共享目錄到本機(jī)路徑 /root/nfsmount
mkdir -p /nfs/data
#將主節(jié)點(diǎn)的目錄跟從節(jié)點(diǎn)關(guān)聯(lián)
mount -t nfs 172.31.0.4:/nfs/data /nfs/data
# 寫入一個(gè)測試文件
echo "hello nfs server" > /nfs/data/test.txt

創(chuàng)建一個(gè)deployment測試：先在任意節(jié)點(diǎn)的 /nfs/data下創(chuàng)建一個(gè)nginx目錄，然后再創(chuàng)建一個(gè)index.html

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-nsf
  name: nginx-nsf
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-nsf
  template:
    metadata:
      labels:
        app: nginx-nsf
    spec:
      containers:
        - image: nginx
          name: nginx
          volumeMounts:
            - mountPath: /usr/share/nginx/html
              name: index
      volumes:
        - name: index
          nfs:
            path: /nfs/data/nginx
            server: 192.168.233.10

運(yùn)行后，訪問nginx可以訪問到你自己寫的index.html.刪除delpoy再創(chuàng)建，依然可以訪問到

b: PV和PVC的使用：原理：

在/nfs/data/下創(chuàng)建三個(gè)文件夾：pv-01 pv-02 pv-03

#創(chuàng)建三個(gè)存儲(chǔ)卷 分別是pv-01 pv-02 pv-03并聲明大小
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-01
spec:
  capacity:
    storage: 10M
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/pv-01
    server: 192.168.233.10
---

apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-02
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/pv-02
    server: 192.168.233.10
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-03
spec:
  capacity:
    storage: 500M
  accessModes:
    - ReadWriteMany
  storageClassName: nfs
  nfs:
    path: /nfs/data/pv-03
    server: 192.168.233.10


---
#創(chuàng)建一個(gè)持久化請求，聲明需要的內(nèi)存大小
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 200Mi
  storageClassName: nfs

---
#將pod和pvc進(jìn)行綁定
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nginx-deploy-pvc
  name: nginx-deploy-pvc
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx-deploy-pvc
  template:
    metadata:
      labels:
        app: nginx-deploy-pvc
    spec:
      containers:
        - image: nginx
          name: nginx
          volumeMounts:
            - name: html
              mountPath: /usr/share/nginx/html
      volumes:
        - name: html
          persistentVolumeClaim:
            claimName: nginx-pvc

查詢PV: kubectl get pv
查詢PVC: kubectl get pvc

c: configMap的使用，一般用來指定配置文件

apiVersion: v1
kind: ConfigMap
metadata:
  name: redis-config
data:
  redis.conf: |
    appendonly yes
---
apiVersion: v1
kind: Pod
metadata:
  name: redis
spec:
  containers:
    - name: redis
      image: redis
      command:
        - redis-server
        - "/redis-master/redis.conf"  #指的是redis容器內(nèi)部的位置
      ports:
        - containerPort: 6379
      volumeMounts:
        - mountPath: /data
          name: data
        - mountPath: /redis-master
          name: config
  volumes:
    - name: data
      emptyDir: {}
    - name: config
      configMap:
        name: redis-config
        items:
          - key: redis.conf
            path: redis.conf

查詢configMap: kubectl get cm
命令行創(chuàng)建configMap:  kubectl create cm redis-conf --from-file=redis.conf
上面創(chuàng)建容器的后，進(jìn)入容器查詢配置 
kubectl exec -it redis -c redis -- /bin/bash
redis-cli命令，然后config get appendonly查詢結(jié)果是否正確

d: secret的使用，當(dāng)我們需要拉取私服鏡像需要賬號(hào)密碼的時(shí)候，可以通過他來實(shí)現(xiàn)：

創(chuàng)建secret: kubectl create secret docker-registry my-dokcer-secrect --docker-username=user --docker-password=password --docker-email=email

應(yīng)用：

apiVersion: v1
kind: Pod
metadata:
  name: private-nginx
spec:
  containers:
  - name: private-nginx
    image: yangxiaohui/nginx:v1.0
  imagePullSecrets:
  - name: my-docker-secret

e.有狀態(tài)服務(wù)創(chuàng)建：StatefulSet

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: statefulset-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 800M
  storageClassName: nfs
---


apiVersion: v1
kind: Service
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  ports:
    - port: 80
      name: web
  clusterIP: None
  selector:
    app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: "nginx"
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx
          ports:
            - containerPort: 80
              name: web
          volumeMounts:
            - name: www
              mountPath: /usr/share/nginx/html
      volumes:
        - name: www
          persistentVolumeClaim:
            claimName: statefulset-pvc

在其他pod中，可以通過域名訪問：web-0.nginx.default.svc.cluster.local 或者 web-1.nginx.default.svc.cluster.local，因?yàn)閟tatefulset創(chuàng)建的pod,命名都是statefulset的name-0或n

f: DaemonSet 守護(hù)進(jìn)程，一般用于收集日志用

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd-elasticsearch
  namespace: kube-system
  labels:
    k8s-app: fluentd-logging
spec:
  selector:
    matchLabels:
      name: fluentd-elasticsearch
  template:
    metadata:
      labels:
        name: fluentd-elasticsearch
    spec:
      tolerations:
        # 這些容忍度設(shè)置是為了讓該守護(hù)進(jìn)程集在控制平面節(jié)點(diǎn)上運(yùn)行
        # 如果你不希望自己的控制平面節(jié)點(diǎn)運(yùn)行 Pod，可以刪除它們
        - key: node-role.kubernetes.io/control-plane
          operator: Exists
          effect: NoSchedule
        - key: node-role.kubernetes.io/master
          operator: Exists
          effect: NoSchedule
      containers:
        - name: fluentd-elasticsearch
          image: quay.io/fluentd_elasticsearch/fluentd:v2.5.2
          resources:
            limits:
              memory: 200Mi
            requests:
              cpu: 100m
              memory: 200Mi
          volumeMounts:
            - name: varlog
              mountPath: /var/log
      terminationGracePeriodSeconds: 30
      volumes:
        - name: varlog
          hostPath:
            path: /var/log

posted @ 2023-06-06 15:46 yangxiaohui227 閱讀(80) 評(píng)論(0) 收藏舉報(bào)

刷新頁面返回頂部

yangxiaohui227

k8s常用命令

公告