关于kubectl version正确的显示方式
Kubernetes交互时,使用命令kubectl,接下来详细解释kubectl,首先要检查kubectl是否已安装,运行kubectl version命令:
[centos@16 kubernetes]$ kubectl version
Client Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"08e099554f
3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean", BuildDate:"2017-01-12T04:57:25Z", GoVe
rsion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"5", GitVersion:"v1.5.2", GitCommit:"08e099554f
3c31f6e6f07b448ab3ed78d0520507", GitTreeState:"clean", BuildDate:"1970-01-01T00:00:00Z", GoVe
rsion:"go1.7.1", Compiler:"gc", Platform:"linux/amd64"}
但是我本地的两个CentOS是这么显示╮(╯-╰)╭ :
[centos@16 kubernetes]$ kubectl version
Client Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.4", GitCommit:"d6f433224538d4f9ca2f7ae19b252e6fcb66a3ae", GitTreeState:"clean", BuildDate:"2017-05-19T18:44:27Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}
Error in configuration:
* unable to read client-cert /kubernetes/path/to/my/client/cert for green-user due to open /kubernetes/path/to/my/client/cert: no such file or directory
* unable to read client-key /kubernetes/path/to/my/client/key for green-user due to open /kubernetes/path/to/my/client/key: no such file or directory
* unable to read certificate-authority /kubernetes/path/to/my/cafile for horse-cluster due to open /kubernetes/path/to/my/cafile: no such file or directory
[centos@35 ~]$ kubectl version
Client Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.4", GitCommit:"d6f433224538d4f9ca2f7ae19b252e6fcb66a3ae", GitTreeState:"clean", BuildDate:"2017-05-19T18:44:27Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}
The connection to the server localhost:8080 was refused - did you specify the right host or port?
关于kubectl cluster-info集群信息
运行中会有一个master和一个仪表板。 Kubernetes仪表板允许可以在UI中查看应用程序。 在本教程中,我们将专注于部署和探索我们的应用程序的命令行。 要查看群集中的节点,请运行kubectl get nodes命令:
[centos@35 ~]$ kubectl cluster-info
Kubernetes master is running at http://host01:8080
heapster is running at http://host01:8080/api/v1/proxy/namespaces/kube-system/services/heapst
kubernetes-dashboard is running at http://host01:8080/api/v1/proxy/namespaces/kube-system/ser
monitoring-grafana is running at http://host01:8080/api/v1/proxy/namespaces/kube-system/servi
monitoring-influxdb is running at http://host01:8080/api/v1/proxy/namespaces/kube-system/serv
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
我的:
[centos@16 ~]$ kubectl cluster-info
Kubernetes master is running at https://202.193.75.16:6443
KubeDNS is running at https://202.193.75.16:6443/api/v1/proxy/namespaces/kube-system/services/kube-dns
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
关于kubectl get nodes信息
此命令显示可用于托管我们的应用程序的所有节点。 现在我们只有一个节点,我们可以看到它的状态已经准备就绪(它准备好接受应用程序部署):
[centos@35 ~]$ kubectl get nodes
NAME STATUS AGE
host01 Ready 1m
关于kubectl run运行第一个应用
用kubectl run命令在Kubernetes上运行第一个应用程序。 运行命令会创建一个新的部署,我们需要提供部署名称和应用程序映像位置(包括Docker外部托管的映像的完整存储库url)。 我们要在特定端口上运行应用程序,所以我们添加了--port参数
[centos@35 ~]$ kubectl run kubernetes-bootcamp --image=docker.io/jocatalin/kubernetes-bootcamp:v1 --port=8080 deployment "kubernetes-bootcamp" created
这时已经成功部署了一个应用。列出部署方案get deployments命令:
[centos@35 ~]$ kubectl get deployments
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kubernetes-bootcamp 1 1 1 1 1m
可以看到有一个单节点的实例在运行,该实例正在节点上的Docker容器中运行。
kubernetes cluster
关于kubectl proxy代理路由
默认情况下,部署的应用智能在kubernetes集群内显示,外网公开之后介绍。我们将使用代理程序在终端和kubernetes集群创建一个路由。
[centos@35 ~]$ kubectl proxy
Starting to serve on 127.0.0.1:8001
此时,主机与kubernetes集群由了一个连接,proxy可以直接调用API,应用运行在Pod中,获取Pod的名称并将其存储在POD_NAME环境变量中:
[centos@35 ~]$ export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') echo Name of the Pod: $POD_NAME
nge .items}}{{.metadata.name}}{{"\n"}}{{end}}')mplate --template '{{ra
> echo Name of the Pod: $POD_NAME
Name of the Pod: kubernetes-bootcamp-390780338-cstrc
查看应用的输出结果,运行一个curl 请求
[centos@35 ~]$ curl http://localhost:8001/api/v1/proxy/namespaces/default/pods/$POD_NAME/OD_NAME/ http://localhost:8001/api/v1/proxy/namespaces/default/pods/$P
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-390780338-cstrc | v=1
这个URL是路由通过API调用的Pod。
关于Pod的使用
Pod是kubernetes的最小单元,可以运行一个或者一组docker,可以共享资源:
- 共享数据卷,Volumes
- 共享网络,用集群IP作为唯一标识
- 包括没个容器的信息,如容器的版本、端口
一个Pod模型可以包含紧密耦合的不同应用的容器,比如es集群在Pod中可以共享IP和端口。
Pods overview
Pod存在在Node节点当中,其中每一个Nodes中包括Kubelet和Container,其概况如图所示:
Node overview
关于应用程序的使用
查看现有的Pods状态kubectl get命令:
[centos@35 ~]$ kubectl get pods
NAME READY STATUS RESTARTS AGE
kubernetes-bootcamp-390780338-f31jg 1/1 Running 0 1m
查看Pod内部的容器以及构建容器的镜像kubectl describe pods命令:
[centos@35 ~]$ kubectl describe pods
Name: kubernetes-bootcamp-390780338-f31jg
Namespace: default
Node: host01/172.17.0.56
Start Time: Wed, 28 Jun 2017 09:28:40 +0000
Labels: pod-template-hash=390780338
run=kubernetes-bootcamp
Status: Running
IP: 172.18.0.2
Controllers: ReplicaSet/kubernetes-bootcamp-390780338
Containers:
kubernetes-bootcamp:
Container ID: docker://235537e3fd3014335a93d2045ced770995782654ede89a1d14e6da415247cb16
Image: docker.io/jocatalin/kubernetes-bootcamp:v1
Image ID: docker-pullable://jocatalin/kubernetes-bootcamp@sha256:0d6b8ee63bb57c5f5b6156f446b3bc3b3c143d233037f3a2f00e279c8fcc
64af
Port: 8080/TCP
State: Running
Started: Wed, 28 Jun 2017 09:28:40 +0000
Ready: True
Restart Count: 0
Volume Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-hg38n (ro)
Environment Variables: <none>
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
default-token-hg38n:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-hg38n
QoS Class: BestEffort
Tolerations: <none>
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Mes
sage
--------- -------- ----- ---- ------------- -------- ------ ---
----
8m 8m 1 {default-scheduler } Normal Scheduled Suc
cessfully assigned kubernetes-bootcamp-390780338-f31jg to host01
8m 8m 1 {kubelet host01} spec.containers{kubernetes-bootcamp} Normal Pulled Con
tainer image "docker.io/jocatalin/kubernetes-bootcamp:v1" already present on machine
8m 8m 1 {kubelet host01} spec.containers{kubernetes-bootcamp} Normal Created Cre
ated container with docker id 235537e3fd30; Security:[seccomp=unconfined]
8m 8m 1 {kubelet host01} spec.containers{kubernetes-bootcamp} Normal Started Sta
rted container with docker id 235537e3fd30
我们可以看到Pod中容器的IP,端口,生命周期等。默认情况下,Pod仅在集群中可见,所以要从主机访问应用还需要proxy创建主机与kubernetes集群的联系kubectl proxy,proxy命令在前台运行,所有的命令都在单独的终端中运行。所以输入命令启动一个新的终端,需要得到Pod的姓名,并且把POD_NAME存入环境变量。
[centos@35 ~]$ export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') echo Name of the Pod: $POD_NAME
nge .items}}{{.metadata.name}}{{"\n"}}{{end}}')mplate --template '{{ra
> echo Name of the Pod: $POD_NAME
Name of the Pod: kubernetes-bootcamp-390780338-nmk13
此时,输入curl可以查看输出结果
[centos@35 ~]$ curl http://localhost:8001/api/v1/proxy/namespaces/default/pods/$POD_NAME/
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-390780338-nmk13 | v=1
要获取这个容器的日志使用kubectl logs命令:
[centos@35 ~]$ kubectl logs $POD_NAME
Kubernetes Bootcamp App Started At: 2017-06-28T14:54:50.302Z | Running On: kubernetes-bootca
Running On: kubernetes-bootcamp-390780338-nmk13 | Total Requests: 1 | App Uptime: 110.365 sec
Running On: kubernetes-bootcamp-390780338-nmk13 | Total Requests: 2 | App Uptime: 113.95 seco
Running On: kubernetes-bootcamp-390780338-nmk13 | Total Requests: 3 | App Uptime: 116.3 secon
Running On: kubernetes-bootcamp-390780338-nmk13 | Total Requests: 4 | App Uptime: 121.945 sec
Running On: kubernetes-bootcamp-390780338-nmk13 | Total Requests: 5 | App Uptime: 168.014 sec
关于execute命令的使用
比如使用exec和Pod_Name来查看环境变量:
[centos@35 ~]$ kubectl exec $POD_NAME env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=kubernetes-bootcamp-390780338-nmk13
KUBERNETES_PORT=tcp://10.0.0.1:443
KUBERNETES_PORT_443_TCP=tcp://10.0.0.1:443
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_ADDR=10.0.0.1
KUBERNETES_SERVICE_HOST=10.0.0.1
KUBERNETES_SERVICE_PORT=443
KUBERNETES_SERVICE_PORT_HTTPS=443
NPM_CONFIG_LOGLEVEL=info
NODE_VERSION=6.3.1
HOME=/root
注意,因为我们只运行了一个Pod,所以我们可以省略容器本身的名字.下面,启动一个Pod容器:
[centos@35 ~]$ kubectl exec -ti $POD_NAME bash
root@kubernetes-bootcamp-390780338-nmk13:/#
通过curl检查应用启动情况:
root@kubernetes-bootcamp-390780338-b6dnp:/# curl localhost:8080
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-390780338-b6dnp | v=1
关于Replication Controller的操作
Pods有自己的生命周期,当工作节点死掉,Pods也会随着消失,此时,Replication Controller通过创建新的Pod来动态将集群控制在所需状态,从而保持程序的稳定运行.kubernetes集群的每一个Pod都有唯一的IP,Service是Kubernetes的一个抽象,它定义了一组逻辑的Pods和一个访问的策略,通常使用YAML或者JSON定义Service.首先检查运行中的应用kubectl get pods命令:
> kubectl get pods
NAME READY STATUS RESTARTS AGE
kubernetes-bootcamp-390780338-rplf9 1/1 Running 0 11s
然后列出当前集群的Serviceskubectl get services命令:
> kubectl get services
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.0.0.1 <none> 443/TCP 2m
可以看到有一个名为kubernetes的服务随着Minikube启动而创建,要创建一个新的服务并将其暴露到外部,我们需要用到NodePort的expose命令:
> kubectl expose deployment/kubernetes-bootcamp --type="NodePort" --port 8080
service "kubernetes-bootcamp" exposed
此时在运行kubectl get services可以发现有了一个新的kubernetes-bootcamp的服务,并且发现服务有唯一IP和端口:
> kubectl get services
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.0.0.1 <none> 443/TCP 5m
kubernetes-bootcamp 10.0.0.93 <nodes> 8080:30290/TCP 21s
要找出打开外部的什么端口(通过NodePort选项),我们将运行describe service命令:
> kubectl describe services/kubernetes-bootcamp
Name: kubernetes-bootcamp
Namespace: default
Labels: run=kubernetes-bootcamp
Selector: run=kubernetes-bootcamp
Type: NodePort
IP: 10.0.0.93
Port: <unset> 8080/TCP
NodePort: <unset> 30290/TCP
Endpoints: 172.18.0.2:8080
Session Affinity: None
No events.
创建一个名为NODE_PORT的环境变量,其值为Node端口:
export NODE_PORT=$(kubectl get services/kubernetes-bootcamp -o go-template='{{(index .spec.ports 0).nodePort}}')
echo NODE_PORT=$NODE_PORT
spec.ports 0).nodePort}}')ectl get services/kubernetes-bootcamp -o go-template='{{(index .
> echo NODE_PORT=$NODE_PORT
NODE_PORT=30290
此时我们可以使用curl通过节点的IP和暴露的外部端口来测试应用程序是否暴露:
> curl host01:$NODE_PORT
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-390780338-rplf9 | v=1
部署自动为我们的Pod创建了一个标签。使用describe deployment命令可以看到标签的名称:
> kubectl describe deployment
Name: kubernetes-bootcamp
Namespace: default
CreationTimestamp: Thu, 29 Jun 2017 23:53:11 +0000
Labels: run=kubernetes-bootcamp
Selector: run=kubernetes-bootcamp
Replicas: 1 updated | 1 total | 1 available | 0 unavailable
StrategyType: RollingUpdate
MinReadySeconds: 0
RollingUpdateStrategy: 1 max unavailable, 1 max surge
Conditions:
Type Status Reason
---- ------ ------
Available True MinimumReplicasAvailable
OldReplicaSets: <none>
NewReplicaSet: kubernetes-bootcamp-390780338 (1/1 replicas created)
Events:
FirstSeen LastSeen Count From SubObjectPath TypeR
eason Message
--------- -------- ----- ---- ------------- -----
--- ------ -------
14m 14m 1 {deployment-controller } Normal
ScalingReplicaSet Scaled up replica set kubernetes-bootcamp-390780338 to 1
可以看到标签name为kubernetes-bootcamp,我们可以通过get pod命令与-l作为参数:
> kubectl get pods -l run=kubernetes-bootcamp
NAME READY STATUS RESTARTS AGE
kubernetes-bootcamp-390780338-rplf9 1/1 Running 0 23m
同理,通过get service来获取参数:
> kubectl get services -l run=kubernetes-bootcamp
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-bootcamp 10.0.0.93 <nodes> 8080:30290/TCP 24m
获取pod名称并将其存储在POD_NAME环境变量中:
> export POD_NAME=$(kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
> echo Name of the Pod: $POD_NAME
Name of the Pod: kubernetes-bootcamp-390780338-rplf9
这是我们会感觉标签太复杂,我们可以通过kubectl label命令来修改标签:
> kubectl label pod $POD_NAME app=v1
pod "kubernetes-bootcamp-390780338-rplf9" labeled
此时的标签名变为app=v1,查看可以得出:
> kubectl describe pods $POD_NAME
Start Time: Thu, 29 Jun 2017 23:53:15 +0000
Labels: app=v1
pod-template-hash=390780338
run=kubernetes-bootcamp
Status: Running
IP: 172.18.0.2
Controllers: ReplicaSet/kubernetes-bootcamp-390780338
Containers:
kubernetes-bootcamp:
Container ID: docker://5ead2d54a8ecf52b20971e79277b8466a47fcfcd031b7a358eb8e482e7fa3d1e
Image: docker.io/jocatalin/kubernetes-bootcamp:v1
Image ID: docker-pullable://jocatalin/kubernetes-bootcamp@sha256:0d6b8ee63bb57c5f5b6156f446b3bc3b3c143d233037f3a2f00e279c8fcc
64af
Port: 8080/TCP
State: Running
Started: Thu, 29 Jun 2017 23:53:16 +0000
Ready: True
Restart Count: 0
Volume Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-2rbf0 (ro)
Environment Variables: <none>
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
Volumes:
default-token-2rbf0:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-2rbf0
QoS Class: BestEffort
Tolerations: <none>
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Mes
sage
--------- -------- ----- ---- ------------- -------- ------ ---
----
33m 33m 1 {default-scheduler } Normal Scheduled Suc
cessfully assigned kubernetes-bootcamp-390780338-rplf9 to host01
33m 33m 1 {kubelet host01} spec.containers{kubernetes-bootcamp} Normal Pulled Con
tainer image "docker.io/jocatalin/kubernetes-bootcamp:v1" already present on machine
33m 33m 1 {kubelet host01} spec.containers{kubernetes-bootcamp} Normal Created Cre
ated container with docker id 5ead2d54a8ec; Security:[seccomp=unconfined]
33m 33m 1 {kubelet host01} spec.containers{kubernetes-bootcamp} Normal Started Sta
rted container with docker id 5ead2d54a8ec
可以发现标签名称已经为app=v1,此时可以通过先标签来查看信息:
> kubectl get pods app=v1
NAME READY STATUS RESTARTS AGE
kubernetes-bootcamp-390780338-rplf9 1/1 Running 0 37m
删除service可以使用delete service命令,可以通过标签来调用:
> kubectl delete service -l run=kubernetes-bootcamp
service "kubernetes-bootcamp" deleted
查看service会发现我们创建的kubernetes-bootcamp:
>kubectl get services
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes 10.0.0.1 <none> 443/TCP 41m
此时service已删除,这个应用不再暴露到外部,但是我们它仍然存在在pod当中,可以通过kubectl exec查看,并且可以看出应用正在启动中:
> kubectl exec -ti $POD_NAME curl localhost:8080
Hello Kubernetes bootcamp! | Running on: kubernetes-bootcamp-390780338-rplf9 | v=1
网友评论