the site subtitle

kubectl 常用快捷键

2019.09.20

查询类

# custom-columns

# 比如 查看role=sre 标签pod镜像,当然也可以用go的自定义输出
kubectl  -n kube-system get po -l tier=control-plane -o custom-columns=NAME:.metadata.name,image:.spec.containers[0].image
NAME                                    image
etcd-ubuntu-bionic                      gcr.azk8s.cn/google_containers/etcd:3.3.15-0
kube-apiserver-ubuntu-bionic            gcr.azk8s.cn/google_containers/kube-apiserver:v1.16.2
kube-controller-manager-ubuntu-bionic   gcr.azk8s.cn/google_containers/kube-controller-manager:v1.16.2
kube-scheduler-ubuntu-bionic            gcr.azk8s.cn/google_containers/kube-scheduler:v1.16.2

# go-template 

# range 嵌套
# 列出所有容器使用的镜像名
kubectl get pods -o go-template --template='{{range .items}}{{range .spec.containers}}{{printf "%s\n" .image}}{{end}}{{end}}'
istio/examples-bookinfo-details-v1:1.5.0
istio/examples-bookinfo-productpage-v1:1.5.0
istio/examples-bookinfo-ratings-v1:1.5.0

# 条件判断
# 列出所有不可调度节点的节点名与 IP
kubectl get no -o go-template='{{range .items}}{{if .spec.unschedulable}}{{.metadata.name}} {{.spec.externalID}}{{"\n"}}{{end}}{{end}}'


# jsonpath

# 查询pod的启动时间
kubectl -n kube-system get pods -o=jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.status.startTime}{"\n"}{end}'
coredns-667f964f9b-fs6kl	2019-12-25T02:54:20Z
coredns-667f964f9b-rlsr5	2019-12-25T02:54:20Z
etcd-ubuntu-bionic	2019-12-25T02:53:19Z
kube-apiserver-ubuntu-bionic	2019-12-28T06:25:42Z
kube-controller-manager-ubuntu-bionic	2019-12-28T06:25:43Z
kube-flannel-ds-amd64-jk586	2019-12-25T02:54:09Z
kube-proxy-vsjmv	2019-12-25T02:53:48Z
kube-scheduler-ubuntu-bionic	2019-12-28T06:25:43Z

jsonpath查询表

Function Description Example Result
text the plain text kind is {.kind} kind is List
@ the current object {@} the same as input
. or [] child operator {.kind}, {['kind']} or {['name\.type']} List
.. recursive descent {..name} 127.0.0.1 127.0.0.2 myself e2e
* wildcard. Get all objects {.items[*].metadata.name} [127.0.0.1 127.0.0.2]
[start🔚step] subscript operator {.users[0].name} myself
[,] union operator {.items[*]['metadata.name', 'status.capacity']} 127.0.0.1 127.0.0.2 map[cpu:4] map[cpu:8]
?() filter {.users[?(@.name=="e2e")].user.password} secret
range, end iterate list {range .items[*]}[{.metadata.name}, {.status.capacity}] {end} [127.0.0.1, map[cpu:4]] [127.0.0.2, map[cpu:8]]
'' quote interpreted string {range .items[*]}{.metadata.name}{'\t'}{end} 127.0.0.1 127.0.0.2

补丁类

#Patch 把SVC改为NodePort类型
kubectl -n istio-system patch svc $SVC  -p  '{"spec":{"type":"NodePort"}}'


    command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']
    args:
    - /bin/sh
    - -c
    - touch /tmp/healthy; sleep 30; rm -rf /tmp/healthy; sleep 60;

# 为Pod template 加上新label 打patch
kubectl patch deployment simple --type=json -p='[{"op": "add", "path": "/spec/template/metadata/labels/this", "value": "that"}]'
kubectl patch deployment myDeployment --patch '{"spec": {"template": {"metadata": {"labels": {"myLabelKey": "myLabelValue"}}}}}'

# 打pacth 使用文件
spec:
  template:
    spec:
      containers:
      - name: curl
        image: nginx:alpine
        env:
        - name: key
          value: value

# 修改po的container的镜像
kubectl patch deployment patch-demo --patch '{"spec": {"template": {"spec": {"containers": [{"name": "patch-demo-ctr-2","image": "redis"}]}}}}'

# 使 node 不可调度 当然cordon 也是可以的 
kubectl patch node ${NAME}  -p "{\"spec\":{\"unschedulable\":false}}"

# 官方的示例

Examples:
  # Partially update a node using a strategic merge patch. Specify the patch as JSON.
  kubectl patch node k8s-node-1 -p '{"spec":{"unschedulable":true}}'

  # Partially update a node using a strategic merge patch. Specify the patch as YAML.
  kubectl patch node k8s-node-1 -p $'spec:\n unschedulable: true'

  # Partially update a node identified by the type and name specified in "node.json" using strategic merge patch.
  kubectl patch -f node.json -p '{"spec":{"unschedulable":true}}'

  # Update a container's image; spec.containers[*].name is required because it's a merge key.
  kubectl patch pod valid-pod -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'

  # Update a container's image using a json patch with positional arrays.
  kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new
image"}]'

快捷键

# 运行一个deployment
kubectl run nginx --image=nginx:alpine --replicas=1 --port=80

# 删除非running Pod
kubectl get pods --all-namespaces -ojson | jq -r '.items[] | select(.status.reason!=null) | select(.status.reason | contains("Evicted")) | .metadata.name + " " + .metadata.namespace' | xargs -n2 -l bash -c 'kubectl delete pods $0 --namespace=$1'

# 正则匹配某个pod
kubectl logs -n kube-system $(kubectl get po -n kube-system | egrep -o alb-ingress[a-zA-Z0-9-]+)

# 修改po的container的镜像 set image 方式
kubectl set image deploy -l run=nginx nginx=vsxen/k8s
deployment.extensions/nginx image updated

kubectl get rs
NAME               DESIRED   CURRENT   READY     AGE
nginx-5dbb4c75cd   1         1         1         7m
nginx-7444d44744   1         1         0         47s

  externalTrafficPolicy: Cluster
  externalIPs:
  - 10.0.0.52