您对Kubectl不了解的一些事情

Kubectl is the command line tool for interacting with Kubernetes clusters. Many people use it every day to deploy their container workloads into production clusters. But there’s more to Kubectl than just Kubectl create -f or Kubectl rolling-update. Kubectl is a veritable multi-tool of container orchestration and management. Below we describe some of the features of Kubectl that you may not have seen.

重要的提示 :这些功能大多数是即将发布的Kubernetes 1.1版本的一部分。它们在当前的稳定的1.0.x版本系列中不存在。

运行交互式命令

Kubectl run 从1.0版本开始就已经在kubectl中使用了,但是最近我们增加了在集群中运行交互式容器的功能。这意味着您的Kubernetes集群中的交互式shell如下:

$> Kubectl run -i --tty busybox --image=busybox --restart=Never -- sh   
Waiting for pod default/busybox-tv9rm to be running, status is Pending, pod ready: false   
Waiting for pod default/busybox-tv9rm to be running, status is Running, pod ready: false   
$> # ls 
bin dev etc home proc root sys tmp usr var 
$> # exit  

The above Kubectl command is equivalent to docker run -i -t busybox sh. Sadly we mistakenly used -t for template in Kubectl 1.0, so we need to retain backwards compatibility with 现有 CLI user. But the 现有 use of -t is deprecated and we’ll eventually shorten --tty to -t.

In this example, -i indicates that you want an allocated stdin for your container and indicates that you want an interactive session, --restart=Never indicates that the container shouldn’t be restarted after you exit the terminal and --tty requests that you allocate a TTY for that session.

查看您的Pod的日志

Sometimes you just want to watch what’s going on in your server. For this, Kubectl logs is the subcommand to use. Adding the -f flag lets you live stream new logs to your terminal, just like tail -f.
$> Kubectl logs -f redis-izl09

附加到现有容器

除了交互式执行命令外,您现在还可以附加到任何正在运行的进程。像kubectl日志一样,您将获得stderr和stdout数据,但是通过附加,您还可以将stdin从终端发送到程序。非常适合交互式调试,甚至只是将ctrl-c发送到行为异常的应用程序。

      $> Kubectl attach redis -i

1:C 10 Oct 12:05:11.848#警告:未使用默认配置指定配置文件。为了指定配置文件,请使用redis-server /path/to/redis.conf

                _._                                                  
           _.-``__''-._                                             
      _.-`` `. `_. ''-._ Redis 3.0.3 (00000000/0) 64 bit
  .-`` .-```. ```\/ _.,_ ''-._                                   
 ( ' , .-` | `, ) Running in standalone mode
 |`-._`-...-` __...-.``-._|'` _.-'| Port: 6379
 | `-._ `._ / _.-' | PID: 1
  `-._ `-._ `-./ _.-' _.-'                                   
 |`-._`-._ `-.__.-' _.-'_.-'|                                  
 | `-._`-._ _.-'_.-' | http://redis.io
`-._ `-._`-.__.-'_.-' _.-'                                   
 |`-._`-._ `-.__.-' _.-'_.-'|                                  
 | `-._`-._ _.-'_.-' |                                  
  `-._ `-._`-.__.-'_.-' _.-'                                   
      `-._ `-.__.-' _.-'                                       
          `-._ _.-'                                           
              `-.__.-'                                               

1:M 12 Oct 23:05:11.849 # Server started, Redis version 3.0.3
将端口从Pod转发到本地计算机

通常,出于安全原因,您通常希望能够与群集中的应用程序临时通信,而不必将其暴露于公共互联网中。为此,port-forward命令允许您通过kubernetes API服务器将本地计算机上的端口安全地转发到集群中运行的Pod。例如:

$> Kubectl port-forward redis-izl09 6379

打开本地计算机上的端口6379,并将与该端口的通信转发到群集中的Pod或Service。例如,您可以使用“ telnet”命令戳入集群中的Redis服务:

$> telnet localhost 6379   
INCR foo   
:1   
INCR foo 
:2  

在现有容器中执行命令

In addition to being able to attach to 现有 processes inside a container, the “exec” command allows you to spawn new processes inside 现有 containers. This can be useful for debugging, or examining your pods to see what’s going on inside without interrupting a running service. Kubectl exec is different from Kubectl run, because it runs a command inside of an 现有 容器,而不是生成新的容器以执行。

$> Kubectl exec redis-izl09 -- ls /
bin
boot
data
dev
entrypoint.sh
etc
home
添加或删除标签

Sometimes you want to dynamically add or remove labels from a Pod, Service or Replication controller. Maybe you want to add an 现有 Pod to a Service, or you want to remove a Pod from a Service. No matter what you want, you can easily and dynamically add or remove labels using the Kubectl label subcommand:

$> Kubectl label pods redis-izl09 mylabel=awesome 
pod "redis-izl09" labeled

向对象添加注释

就像标签一样,您可以使用kubectl annotate子命令从API对象添加或删除注释。与标签不同,注释可以帮助您描述对象,但不能用于通过标签查询来识别广告连播(有关注释的更多详细信息)。例如,您可以为GUI添加图标注释,以用于显示窗格。

$> Kubectl annotate pods redis-izl09 icon-url=http://goo.gl/XXBTWq 
pod "redis-izl09" annotated

输出自定义格式

Sometimes, you want to customize the fields displayed when Kubectl summarizes an object from your cluster. To do this, you can use the custom-columns-file format. custom-columns-file takes in a template file for rendering the output. Again, JSONPath expressions are used in the template to specify fields in the API object. For example, the following template first shows the number of restarts, and then the name of the object:

$> cat cols.tmpl   
RESTARTS                                   NAME   
.status.containerStatuses[0].restartCount .metadata.name  

If you pass this template to the Kubectl get pods command you get a list of pods with the specified fields displayed.

 $> Kubectl get pods redis-izl09 -o=custom-columns-file --template=cols.tmpl                 RESTARTS           NAME   
 0                  redis-izl09   
 1                  redis-abl42  
轻松管理多个Kubernetes集群

If you’re running multiple Kubernetes clusters, you know it can be tricky to manage all of the credentials for the different clusters. Using the Kubectl config subcommands, switching between different clusters is as easy as:

        $> Kubectl config use-context

不确定哪些群集可用?您可以使用以下方法查看当前配置的集群:

        $> Kubectl config view

哎呀,这会输出很多文本。要将其限制为仅涉及我们感兴趣的事物,我们可以使用JSONPath模板:

        $> Kubectl config view -o jsonpath="{.context[*].name}"

啊,那更好。

结论

这样就可以使用Kubernetes集群和kubectl命令行完成九个令人兴奋的新事情。如果您刚开始使用Kubernetes,请查看 Google容器引擎 或其他方式 Kubernetes入门.

  • Brendan Burns,Google软件工程师