본문 바로가기
Kubernetes/Management

K8s 잡학다식

by 여행을 떠나자! 2021. 9. 23.

- busybox / Favoriate OS

$ kubectl run -it --rm --restart=Never --image=busybox busybox -- sh
$ kubectl run -it --rm --restart=Never --image=centos centos -- bash
$ kubectl run -it --rm --restart=Never --image=ubuntu ubuntu — bash
$ kubectl run -it --rm --restart=Never --image=alpine alpine -- bash

 

- netshoot : a Docker + Kubernetes network trouble-shooting swiss-army container (https://github.com/nicolaka/netshoot)

kubectl run --rm -i --tty --image nicolaka/netshoot tmp-shell -- /bin/bash

 

- JSON path examples

 kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="InternalIP")].address}'
 kubectl get service emo-dev-es-http -n elastic-cluster --output jsonpath='{.spec.ports[?(@.name=="https")].nodePort}'
 kubectl get secrets my-release-harbor-nginx -o jsonpath='{.data.ca\.crt}'

 

- Patch

$ kubectl patch service istio-ingressgateway -n istio-system -p '{ "spec": { "type": "LoadBalancer" } }'
$ kubectl get service istio-ingressgateway -n istio-system -o json
$ kubectl edit service istio-ingressgateway -n istio-system
...
:s/NodePort/LoadBalancer/

 

- Scale 변경

$ k scale --replicas=6 deployment/kubia
deployment.extensions/kubia scaled
$ k get deployments kubia
NAME    READY   UP-TO-DATE   AVAILABLE   AGE
kubia   4/6     6            4           81s
$

 

- K8s Playgrounds

   ✓ Katacoda (https://www.katacoda.com/courses/kubernetes/playground)

   ✓ Play with Kubernetes (https://labs.play-with-k8s.com/)

 

- Cheat sheet: https://kubernetes.io/docs/reference/kubectl/cheatsheet/


- 특정 Namespace에 속한 리소스 검색

$ export namespace='nvidia-mon'
$ kubectl api-resources --verbs=list --namespaced -o name | xargs -n 1 kubectl get -n ${namespace} 2>&1 | grep -v "No resources"

 

- Namespace “stuck” as Terminating

$ NAMESPACE=your-rogue-namespace
$ k get namespace $NAMESPACE -o json > temp.json
$ vi temp.json
…
   "spec": {
       "finalizers": [
           “kubernetes”        # remove this line
       ]
   },
…
$ k replace --raw "/api/v1/namespaces/$NAMESPACE/finalize" -f ./temp.json

or

$ kubectl proxy &
$ curl -k -H "Content-Type: application/json" -X PUT --data-binary @temp.json \
  127.0.0.1:8001/api/v1/namespaces/$NAMESPACE/finalize

 

- 강제로 삭제하고자 할 경우

$ kubectl -n rook-ceph patch cephclusters.ceph.rook.io rook-ceph -p '{"metadata":{"finalizers": []}}' --type merge

 

- Worker node Join

$ sudo kubeadm token create
fj9jqg.6rcjisym0nsmwspv
$ kubeadm token list
TOKEN                    TTL        EXPIRES                    USAGES                  DESCRIPTION  EXTRA GROUPS
fj9jqg.6rcjisym0nsmwspv  23h        2020-06-17T16:10:59+09:0   authentication,signing  <none>       system:bootstrappers:kubeadm:default-node-token
tqte4l.m15k0fwtvqp3aa1p  <invalid   2020-06-10T03:30:42-04:00  authentication,signing  <none>       system:bootstrappers:kubeadm:default-node-token
$ openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
0edd6023735ab34bf40efa196dcd3651ac1663f7e97d1c573b200793402ee834
$ kubeadm join 14.52.244.136:7443 --token fj9jqg.6rcjisym0nsmwspv \
   --discovery-token-ca-cert-hash sha256:0edd6023735ab34bf40efa196dcd3651ac1663f7e97d1c573b200793402ee834

 

- Worker node Delete

## On Master Node
$ kubectl drain ${node} --ignore-daemonsets --delete-local-data     # Drain it
$ kubectl delete node ${node}                                       # Delete it

## On Worker Node (nodetoberemoved). Remove join/init setting from node
# kubadm reset

 


- default namespace 설정

$ k config set-context --current --namespace=kubeflow
$ k config get-contexts

 

 

- Kubectl Autocomplete

$ sudo yum install -y bash-completion
$ source <(kubectl completion bash)
$ alias k=kubectl
$ complete -F __start_kubectl k

 

- Kubectl Autocomplete 에러 발생시

$ k api-resources | grep error
error: unable to retrieve the complete list of server APIs: custom.metrics.k8s.io/v1beta1: the server is currently unable to handle the  request, webhook.cert-manager.io/v1beta1: the server is currently unable to handle the request
$ k get apiservices.apiregistration.k8s.io | grep -i false
v1beta1.custom.metrics.k8s.io               knative-serving/autoscaler          False (FailedDiscoveryCheck)   21d
v1beta1.webhook.cert-manager.io             cert-manager/cert-manager-webhook   False (FailedDiscoveryCheck)   21d
$ k delete apiservices.apiregistration.k8s.io v1beta1.custom.metrics.k8s.io
apiservice.apiregistration.k8s.io "v1beta1.custom.metrics.k8s.io" deleted
k delete apiservices.apiregistration.k8s.io v1beta1.webhook.cert-manager.io
apiservice.apiregistration.k8s.io "v1beta1.webhook.cert-manager.io" deleted
$

 

'Kubernetes > Management' 카테고리의 다른 글

Cert-manager with LetsEncrypt (HTTP challenge)  (0) 2021.09.23
ClusterIP, NodePort, Ingress 개념  (0) 2021.09.23
Cert-manager with LetsEncrypt (DNS challenge)  (1) 2021.09.23
Crobjob  (0) 2021.09.23
K8s - Slab memory leakage  (2) 2021.09.16

댓글