Tổng hợp các câu lệnh cơ bản khi sử dụng kubectl để vận hành cụm kuberentes.
Pods
List all pods in namespace <default>
kubectl get pods
hoặc
kubectl get pod
hoặc
kubectl get po
View a pod in watch mode
kubectl get pod <pod> --watch
View all pods in watch mode
kubectl get pods -A --watch
List sroted pods
kubectl get pods --sort-by='.status.containerStatuses[0].restartCount'
List pods using a different output
kubectl get pods -o <json|yaml|wide|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...>
Ví dụs:
- JSON output
kubectl get pods -o json
Hoặc
kubectl get pods -ojson
Hoặc
kubectl get pods -o=json
- Wide output:
kubectl get pods -o wide
- Custom columns:
kubectl get pods -o custom-columns='DATA:spec.containers[*].image'
Hoặc
kubectl get pods -o custom-columns='DATA:spec.containers[*].volumeMounts'
Hoặc
kubectl get pods -o custom-columns='DATA:metadata.*'
Formatting output
Bạn muốn output của câu lệnh theo format gì, sử dụng các tủy chọn như bên dưới:
| Output format | Description |
|---|---|
-o=custom-columns=<spec> | Print a table using a comma separated list of custom columns |
-o=custom-columns-file=<filename> | Print a table using the custom columns template in the file<filename> |
-o=json | Output a JSON formatted API object |
-o=jsonpath=<template> | Print the fields defined in a jsonpath expression |
-o=jsonpath-file=<filename> | Print the fields defined by the jsonpath expression in the file<filename> |
-o=name | Print only the resource name and nothing else |
-o=wide | Output in the plain-text format with any additional information, and for pods, the node name is included |
-o=yaml | Output a YAML formatted API object |
List all pods in a namespace
kubectl get pods -n <namespace>
Hoặc
kubectl -n <namespace> get pods
Hoặc
kubectl --namespace <namespace> get pods
List all pods in all namespaces
kubectl get pods --all-namespaces
Hoặc
kubectl get pods -A
Create pod from an image
kubectl run <pod> --generator=run-pod/v1 --image=<image>
Trong cheat sheet này chúng ta sẽ dùng image nginx hoặc busybox.
Ví dụ:
kubectl run nginx --generator=run-pod/v1 --image=nginx
kubectl run busybox --generator=run-pod/v1 --image=busybox
Run pod in an interactive shell mode
kubectl run -i --tty nginx --image=nginx -- sh
Run a command after creating a pod
kubectl run busybox --image=busybox -- sleep 100000
Executing a command in a running pod
kubectl exec <pod> -- <command>
Hoặc pass stdin to the container in TTY mode:
kubectl exec -it <pod> -- <command>
Ví dụ:
kubectl exec -it nginx -- ls -lrth /app/
Create a pod: dry run mode (không thực sự tạo pod, chỉ chạy ở loca mà không tạo trên server)
kubectl run <pod> --generator=run-pod/v1 --image=nginx --dry-run=client
Patch a pod
kubectl patch pod <pod> -p '<patch>'
Ví dụ:
kubectl patch pod <pod> -p '{"spec":{"containers":[{"name":"kubernetes-serve-hostname","image":"new image"}]}}'
Ví dụ khác:
kubectl patch pod valid-pod --type='json' -p='[{"op": "replace", "path": "/spec/containers/0/image", "value":"new image"}]'
Create from a YAML file
kubectl create -f pod.yaml
Export YAML from the dry run mode
kubectl run nginx --generator=run-pod/v1 --image=nginx --dry-run -o yaml
Create from STDIN
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- name: nginx
image: nginx:latest
EOF
Create multiple resources from STDIN
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
spec:
containers:
- name: nginx
image: nginx:latest
---
apiVersion: v1
kind: Pod
metadata:
name: busybox
spec:
containers:
- name: busybox
image: busybox
args:
- sleep
- "100"
Create in a namespace
kubectl run nginx --generator=run-pod/v1 --image=nginx -n <namespace>
Create in a namespace from a file
kubectl create -f pod.yaml -n <namespace>
Delete pods
kubectl delete pod/<pod>
Hoặc
kubectl delete pod <pod>
Nếu bạn tạo pod từ file yaml, bạn có thể dùng:
kubectl delete -f pod.yaml
To force deletion:
kubectl delete pod <pod> --grace-period=0 --force
Get pod logs
kubectl logs <pod>
Hoặc
Đôi khi bạn chạy nhiều container trong một pod, bạn sẽ cần phải chọn container để xem log:
kubectl logs <pod> -c <container>
Để follow output log (tail -f):
kubectl logs -f <pod>
Lấy log của nhiều pod thông qua label:
kubectl logs -l <label_name>=<label_value>
Ví dụ:
kubectl logs -l env=prod
Bạn có thể xem log của nhiều container qua label:
kubectl logs -l <label_name>=<label_value> -c <container>
Hoặc view all containers logs với label:
kubectl logs -f -l <label_name>=<label_value> --all-containers
List all container id of init container of all pods
kubectl get pods --all-namespaces -o jsonpath='{range .items[*].status.initContainerStatuses[*]}{.containerID}{"\n"}{end}' | cut -d/ -f3
Show metrics for a given pod
kubectl top pod <pod>
Show metrics for a given pod and all its containers
kubectl top pod <pod> --containers
Deployments
Tạo một deployment
kubectl create deployment <deployment> --image=<image> -n <namespace>
Tạo deployment với định nghĩa số replica
kubectl create deployment <deployment> --image=<image> --replicas=<number> -n <namespace>
Tạo deployment với số pod và port được định nghĩa trước
kubectl create deployment <deployment> --image=<image> --replicas=<replicas> --port=<port> -n <namespace>
Ví dụ:
kubectl create deployment nginx --image=nginx --replicas=2 --port=80
Tạo deployment với số pod và port được định nghĩa trước và expose nó
kubectl create deployment nginx --image=nginx --replicas=2 --port=80 --expose
Get a deployment
kubectl get deploy <deployment>
Watch a deployment
kubectl get deployment <deployment> --watch
Hoặc
kubectl get deployment <deployment> -w
Hoặc using a shorter version:
kubectl get deploy <deployment> -w
Hoặc dài hơn:
kubectl get deployments.apps <deployment> --watch
List all deployments
Giống như việc list các pod, namespace hay service, chúng ta dùng giống một format:
kubectl get deploy -n <namespace> kubectl get deploy --all-namespaces kubectl get deploy -A kubectl get deploy -o yaml kubectl get deploy -o wide
Update the image
Rolling update “nginx” containers của “nginx” deployment, updating image:
kubectl set image deployment/nginx nginx=nginx:1.9.1
Rolling update “api” containers của “backend” deployment, updating image:
kubectl set image deployment/backend api=image:v2
Scale a deployment
kubectl scale --replicas=5 deployment/<deployment>
Note: Bạn có thể dùng cách ngắn hơn:
kubectl scale --replicas=5 deploy/<deployment>
Dry run và YAML output
kubectl create deployment nginx --image=nginx --replicas=2 --port=80 --dry-run -o yaml
Tạo một deployment từ một file
kubectl apply -f deployment.yaml
Edit a deployment
kubectl edit deployment/<deployment>
Rollback deployment
Sau khi chỉnh sửa deployment, nếu bị lỗi thì bạn có thể rollback về thay đổi trước đó:
kubectl rollout undo deployment <deployment>
Get rollout history
Bạn có thể xem rollout history:
kubectl rollout history deployment <deployment>
kubectl rollout history deployment <deployment>
Ví dụ:
kubectl rollout history deployment nginx
Bạn sẽ nhận được:
REVISION CHANGE-CAUSE 2 kubectl set image deployment/nginx nginx=nginx:1.9.1 --record=true 3 <none>
Roll back đến một bản sửa đổi trước đó
Sử dụng revison, chúng ta có thể rollback lại thay đổi trước đó:
kubectl rollout undo deployment <deployment> --to-revision=<revision>
Ví dụ:
kubectl rollout undo deployment nginx --to-revision=2
Execute deployment rollout operations
kubectl rollout status deployment <deployment> kubectl rollout pause deployment <deployment> kubectl rollout resume deployment <deployment>
Port Forwarding
Chọn localhost port
kubectl port-forward deployment <deployment> <locahost-port>:<deployment-port> kubectl port-forward pod <pod> <locahost-port>:<pod-port> kubectl port-forward service <service> <locahost-port>:<service-port> kubectl port-forward replicaset <replicaset> <locahost-port>:<replicaset-port>
Ví dụ:
Forward port localhost 8090 từ pod 6379:
kubectl port-forward redis 8090:6379
Sử dụng chung port ở local
kubectl port-forward pod <pod> <port>
Ví dụ: Listen on ports 8000 and 9000 on localhost, forwarded from the same ports in the pod (8000 and 9000)
kubectl port-forward pod nginx 8000 9000
Listen trên một random port ở local
kubectl port-forward pod <pod> :<pod-port>
Ví dụ:
kubectl port-forward pod nginx :80
Listen trên port ở localhost + IP khác
kubectl port-forward --address localhost,<IP.IP.IP.IP> pod <pod> <locahost-port>:<pod-port>
Ví dụ:
kubectl port-forward --address localhost,10.10.10.1 pod redis 8090:6379
Listen trên forwarded port trên tất cả địa chỉ
kubectl port-forward --address 0.0.0.0 pod <pod> <hosts-port>:<pod-port>
Services
Create a service
kubectl create service <clusterip|externalname|loadbalancer|nodeport> <service> [flags] [options]>
Ví dụ:
kubectl create service clusterip myclusterip --tcp=5678:8080 kubectl create service loadbalancer myloadbalancer --tcp=80
Có thể dùng svc thay cho service.
Delete service(s)
kubectl delete service myclusterip kubectl delete service myloadbalancer kubectl delete svc myclusterip kubectl delete svc myloadbalancer
Hoặc
kubectl delete service myclusterip myloadbalancer
Describe a service
kubectl describe service <service>
Nodes
Get node
kubectl get nodes
Get a specific node
kubectl get nodes <node>
Show node metrics
kubectl top node <node>
Get external IPs of cluster nodes
kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}'
Describe commands with verbose output
kubectl describe nodes <node>
Check which nodes are ready
JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}' && kubectl get nodes -o jsonpath="$JSONPATH" | grep "Ready=True"
Mark a node as unschedulable
kubectl cordon <node>
Drain a node for maintenance
kubectl drain <node>
Mark a node as schedulable
kubectl uncordon <node>
Namespaces
List namespaces
kubectl get namespaces
Hoặc
kubectl get ns
List hoặc describe a namespace
kubectl get namespace <namespace> kubectl describe namespace <namespace>
Create namespace
kubectl create namespace <namespace>
Hoặc
kubectl create -f namespace.yaml
Hoặc
cat <<EOF | kubectl create -f - apiVersion: v1 kind: Namespace metadata: name: mynamespace EOF
Delete namespace
kubectl delete namespace <namespace>
Hoặc
kubectl delete -f namespace.yaml
Service accounts
List service accounts
kubectl get serviceaccounts
Hoặc
kubectl get sa
Get a service account
kubectl get serviceaccount <serviceaccount>
Hoặc
kubectl get serviceaccounts <serviceaccount>
Hoặc
kubectl get sa <serviceaccount>
Hoặc
kubectl get sa/<serviceaccount>
Create a service account
kubectl create serviceaccount <serviceaccount>
Delete a service account
kubectl delete serviceaccount <serviceaccount>
Hoặc
kubectl delete -f myserviceaccount.yaml
Describe a service account
kubectl describe serviceaccount <serviceaccount>
Events
List events
kubectl get events -A
List sorted events
kubectl get events --sort-by=<JSONPath>
Ví dụ: Sorted by timestamp
kubectl get events --sort-by=.metadata.creationTimestamp
List formatted events
kubectl get events -o <json|yaml|wide|custom-columns=...|custom-columns-file=...|go-template=...|go-template-file=...|jsonpath=...|jsonpath-file=...>
Ví dụ:
kubectl get events -owide
Documentation
Get the documentation for pod manifests
kubectl explain pod
Get the documentation for service manifests
kubectl explain service
Describing resources
kubectl describe <resource> <reosurce_name>
Ví dụ:
kubectl describe pod busybox
Hoặc
kubectl describe nodes minikube
Other possible resources you can use with :describe
apiservices.apiregistration.k8s.io certificatesigningrequests.certificates.k8s.io clusterrolebindings.rbac.authorization.k8s.io clusterroles.rbac.authorization.k8s.io componentstatuses configmaps controllerrevisions.apps cronjobs.batch csidrivers.storage.k8s.io csinodes.storage.k8s.io customresourcedefinitions.apiextensions.k8s.io daemonsets.apps daemonsets.extensions deployments.apps deployments.extensions endpoints events events.events.k8s.io horizontalpodautoscalers.autoscaling ingresses.extensions ingresses.networking.k8s.io jobs.batch leases.coordination.k8s.io limitranges mutatingwebhookconfigurations.admissionregistration.k8s.io namespaces networkpolicies.extensions networkpolicies.networking.k8s.io nodes persistentvolumeclaims persistentvolumes poddisruptionbudgets.policy pods podsecuritypolicies.extensions podsecuritypolicies.policy podtemplates priorityclasses.scheduling.k8s.io replicasets.apps replicasets.extensions replicationcontrollers resourcequotas rolebindings.rbac.authorization.k8s.io roles.rbac.authorization.k8s.io runtimeclasses.node.k8s.io secrets serviceaccounts services statefulsets.apps storageclasses.storage.k8s.io validatingwebhookconfigurations.admissionregistration.k8s.io volumeattachments.storage.k8s.io
Editing resources
Edit a service
kubectl edit service <service>
Edit a service with your favorite text editor
KUBE_EDITOR="vim" edit service <service>
Note: chúng ta có thể thay đổi cho các resource khác như: service, deployment …
Deleting Resources
Delete a resource using the type and name specified in <file>
kubectl delete -f <file>
Delete pods and services with same names
kubectl delete pod,service <name1> <name2>
Delete pods and services with a custom label
kubectl delete pods,services -l <label-name>=<label-value>
Delete all pods and services in a namespace
kubectl -n <namespace> delete pods,services --all
Delete all resources in a namespace
kubectl delte <namespace>
All get commands
kubectl get all kubectl get pods kubectl get replicasets kubectl get services kubectl get nodes kubectl get namespaces kubectl get configmaps kubectl get endpoints
Viết tắt của một vài resouce bạn có thể dùng
| Resource type | Abbreviations |
|---|---|
| componentstatuses | cs |
| configmaps | cm |
| daemonsets | ds |
| deployments | deploy |
| endpoints | ep |
| event | ev |
| horizontalpodautoscalers | hpa |
| ingresses | ing |
| limitranges | limits |
| namespaces | ns |
| nodes | no |
| persistentvolumeclaims | pvc |
| persistentvolumes | pv |
| pods | po |
| podsecuritypolicies | psp |
| replicasets | rs |
| replicationcontrollers | rc |
| resourcequotas | quota |
| serviceaccount | sa |
| services | svc |
Verbose Kubectl
kubectl run nginx --image=nginx --v=5
| Verbosity | Description |
|---|---|
--v=0 | Generally useful for this to always be visible to a cluster operator. |
--v=1 | A reasonable default log level if you don’t want verbosity. |
--v=2 | Useful steady state information about the service and important log messages that may correlate to significant changes in the system. This is the recommended default log level for most systems. |
--v=3 | Extended information about changes. |
--v=4 | Debug level verbosity. |
--v=6 | Display requested resources. |
--v=7 | Display HTTP request headers. |
--v=8 | Display HTTP request contents. |
--v=9 | Display HTTP request contents without truncation of contents. |
(Table source: K8s docs)
Cluster
Display addresses of the master and services
kubectl cluster-info
Dump cluster state to STDOUT
kubectl cluster-info dump
Dump cluster state to a file
kubectl cluster-info dump --output-directory=</file/path>
Compares the current cluster state against the state that the cluster would be in if the manifest was applied
kubectl diff -f ./my-manifest.yaml
List all images running in a cluster
kubectl get pods -A -o=custom-columns='DATA:spec.containers[*].image'
Kubectl context
Show merged kubeconfig settings
kubectl config view
Use multiple kubeconfig
KUBECONFIG=~/.kube/config1:~/.kube/config2:~/.kube/config3
Get a list of users
kubectl config view -o jsonpath='{.users[*].name}'
Display the first user
kubectl config view -o jsonpath='{.users[].name}'
Get the password for the “admin” user
kubectl config view -o jsonpath='{.users[?(@.name == "admin")].user.password}'
Display the current context
kubectl config current-context
Display list of contexts
kubectl config get-contexts
Set the default context to <cluster>
kubectl config use-context <cluster>
Sets a user entry in kubeconfig
kubectl config set-credentials <username> [options]
Sets a user with a client key
kubectl config set-credentials <user> --client-key=~/.kube/admin.key
Sets a user with basic auth
kubectl config set-credentials --username=<username> --password=<password>
Sets a user with client certificate
kubectl config set-credentials <user> --client-certificate=<path/to/cert> --embed-certs=true
Set a context utilizing a specific config file
kubectl config --kubeconfig=<config/path> use-context <cluster>
Set a context utilizing a specific username and namespace.
kubectl config set-context gce --user=cluster-admin --namespace=foo \ && kubectl config use-context gce
Alias
Create an alias on *nix
alias k=kubectl
Create an alias on Windows
Set-Alias -Name k -Value kubectl
Kubectl create và apply
Create
Create khi bạn muốn tạo một deployment, service … mới chưa tồn tại. Nếu chúng đã tồn tại thì bạn sẽ nhận được thông báo lỗi:
kubectl create -f <filename|url> kubectl delete deployment <deployment-name> kubectl delete deployment <deployment-filename> kubectl delete deployment <deployment-url>
Apply
Apply sẽ linh động hơn Create, khi mà resouce cần tại đã có sẵn thì sẽ update những thay đổi, còn chưa có sẽ tạo mới.
kubectl apply -f <filename|url> kubectl delete -f <deployment-filename> kubectl apply -f <deployment-filename>
