- busybox / Favoriate OS
$ kubectl run -it --rm --restart=Never --image=busybox busybox -- sh
$ kubectl run -it --rm --restart=Never --image=centos centos -- bash
$ kubectl run -it --rm --restart=Never --image=ubuntu ubuntu — bash
$ kubectl run -it --rm --restart=Never --image=alpine alpine -- bash
- netshoot : a Docker + Kubernetes network trouble-shooting swiss-army container (https://github.com/nicolaka/netshoot)
kubectl run --rm -i --tty --image nicolaka/netshoot tmp-shell -- /bin/bash
- JSON path examples
kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}'
kubectl get service emo-dev-es-http -n elastic-cluster --output jsonpath='{.spec.ports[?(@.name=="https")].nodePort}'
kubectl get secrets my-release-harbor-nginx -o jsonpath='{.data.ca\.crt}'
- Patch
$ kubectl patch service istio-ingressgateway -n istio-system -p '{ "spec": { "type": "LoadBalancer" } }'
$ kubectl get service istio-ingressgateway -n istio-system -o json
$ kubectl edit service istio-ingressgateway -n istio-system
...
:s/NodePort/LoadBalancer/
- Scale 변경
$ k scale --replicas=6 deployment/kubia
deployment.extensions/kubia scaled
$ k get deployments kubia
NAME READY UP-TO-DATE AVAILABLE AGE
kubia 4/6 6 4 81s
$
- K8s Playgrounds
✓ Katacoda (https://www.katacoda.com/courses/kubernetes/playground)
✓ Play with Kubernetes (https://labs.play-with-k8s.com/)
- Cheat sheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/
- 특정 Namespace에 속한 리소스 검색
$ export namespace='nvidia-mon'
$ kubectl api-resources --verbs=list --namespaced -o name | xargs -n 1 kubectl get -n ${namespace} 2>&1 | grep -v "No resources"
- Namespace “stuck” as Terminating
$ NAMESPACE=your-rogue-namespace
$ k get namespace $NAMESPACE -o json > temp.json
$ vi temp.json
…
"spec": {
"finalizers": [
“kubernetes” # remove this line
]
},
…
$ k replace --raw "/api/v1/namespaces/$NAMESPACE/finalize" -f ./temp.json
or
$ kubectl proxy &
$ curl -k -H "Content-Type: application/json" -X PUT --data-binary @temp.json \
127.0.0.1:8001/api/v1/namespaces/$NAMESPACE/finalize
- 강제로 삭제하고자 할 경우
$ kubectl -n rook-ceph patch cephclusters.ceph.rook.io rook-ceph -p '{"metadata":{"finalizers": []}}' --type merge
- Worker node Join
$ sudo kubeadm token create
fj9jqg.6rcjisym0nsmwspv
$ kubeadm token list
TOKEN TTL EXPIRES USAGES DESCRIPTION EXTRA GROUPS
fj9jqg.6rcjisym0nsmwspv 23h 2020-06-17T16:10:59+09:0 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token
tqte4l.m15k0fwtvqp3aa1p <invalid 2020-06-10T03:30:42-04:00 authentication,signing <none> system:bootstrappers:kubeadm:default-node-token
$ openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
0edd6023735ab34bf40efa196dcd3651ac1663f7e97d1c573b200793402ee834
$ kubeadm join 14.52.244.136:7443 --token fj9jqg.6rcjisym0nsmwspv \
--discovery-token-ca-cert-hash sha256:0edd6023735ab34bf40efa196dcd3651ac1663f7e97d1c573b200793402ee834
- Worker node Delete
## On Master Node
$ kubectl drain ${node} --ignore-daemonsets --delete-local-data # Drain it
$ kubectl delete node ${node} # Delete it
## On Worker Node (nodetoberemoved). Remove join/init setting from node
# kubadm reset
- default namespace 설정
$ k config set-context --current --namespace=kubeflow
$ k config get-contexts
- Kubectl Autocomplete
$ sudo yum install -y bash-completion
$ source <(kubectl completion bash)
$ alias k=kubectl
$ complete -F __start_kubectl k
- Kubectl Autocomplete 에러 발생시
$ k api-resources | grep error
error: unable to retrieve the complete list of server APIs: custom.metrics.k8s.io/v1beta1: the server is currently unable to handle the request, webhook.cert-manager.io/v1beta1: the server is currently unable to handle the request
$ k get apiservices.apiregistration.k8s.io | grep -i false
v1beta1.custom.metrics.k8s.io knative-serving/autoscaler False (FailedDiscoveryCheck) 21d
v1beta1.webhook.cert-manager.io cert-manager/cert-manager-webhook False (FailedDiscoveryCheck) 21d
$ k delete apiservices.apiregistration.k8s.io v1beta1.custom.metrics.k8s.io
apiservice.apiregistration.k8s.io "v1beta1.custom.metrics.k8s.io" deleted
k delete apiservices.apiregistration.k8s.io v1beta1.webhook.cert-manager.io
apiservice.apiregistration.k8s.io "v1beta1.webhook.cert-manager.io" deleted
$
'Kubernetes > Management' 카테고리의 다른 글
Cert-manager with LetsEncrypt (HTTP challenge) (0) | 2021.09.23 |
---|---|
ClusterIP, NodePort, Ingress 개념 (0) | 2021.09.23 |
Cert-manager with LetsEncrypt (DNS challenge) (1) | 2021.09.23 |
Crobjob (0) | 2021.09.23 |
K8s - Slab memory leakage (2) | 2021.09.16 |
댓글