《Kubernetes v1.30 集群搭建完全指南:从初始化到节点管理》
·
Kubernetes 安装
创建集群
下载镜像
在master节点初始化集群过程中,需要下载镜像,这里我们提前下载。
[root@master30 ~ 19:17:42]# kubeadm config images pull --kubernetes-version=v1.30.2
[config/images] Pulled registry.k8s.io/kube-apiserver:v1.30.2
[config/images] Pulled registry.k8s.io/kube-controller-manager:v1.30.2
[config/images] Pulled registry.k8s.io/kube-scheduler:v1.30.2
[config/images] Pulled registry.k8s.io/kube-proxy:v1.30.2
[config/images] Pulled registry.k8s.io/coredns/coredns:v1.11.1
[config/images] Pulled registry.k8s.io/pause:3.9
[config/images] Pulled registry.k8s.io/etcd:3.5.12-0
备选方案-使用阿里云仓库镜像:
[root@master30 ~ 19:17:55]# kubeadm config images pull --kubernetes-version=v1.30.2 --image-repository registry.aliyuncs.com/google_containers
[config/images] Pulled registry.k8s.io/kube-apiserver:v1.30.2
[config/images] Pulled registry.k8s.io/kube-controller-manager:v1.30.2
[config/images] Pulled registry.k8s.io/kube-scheduler:v1.30.2
[config/images] Pulled registry.k8s.io/kube-proxy:v1.30.2
[config/images] Pulled registry.k8s.io/coredns/coredns:v1.11.1
[config/images] Pulled registry.k8s.io/pause:3.9
[config/images] Pulled registry.k8s.io/etcd:3.5.12-0
worker 节点需要kube-proxy和pause镜像:
[root@worker31 ~ 19:17:38]# nerdctl pull registry.k8s.io/kube-proxy:v1.30.2
[root@worker31 ~ 19:18:33]# nerdctl pull registry.k8s.io/pause:3.9
[root@worker32 ~ 19:17:34]# nerdctl pull registry.k8s.io/kube-proxy:v1.30.2
[root@worker32 ~ 19:19:17]# nerdctl pull registry.k8s.io/pause:3.9
初始化集群
[root@master30 ~ 19:18:15]# kubeadm init --kubernetes-version=v1.30.2 --pod-network-cidr=10.224.0.0/16
备选方案-使用阿里云仓库镜像初始化集群:
[root@master30 ~ 19:22:01]# kubeadm init --kubernetes-version=v1.30.2 --pod-network-cidr=10.224.0.0/16 --image-repository registry.aliyuncs.com/google_containers
初始化过程如下:
[init] Using Kubernetes version: v1.30.2
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local master30.laoma.cloud] and IPs [10.96.0.1 10.1.8.30]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [localhost master30.laoma.cloud] and IPs [10.1.8.30 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [localhost master30.laoma.cloud] and IPs [10.1.8.30 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "super-admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests"
[kubelet-check] Waiting for a healthy kubelet. This can take up to 4m0s
[kubelet-check] The kubelet is healthy after 502.398615ms
[api-check] Waiting for a healthy API server. This can take up to 4m0s
[api-check] The API server is healthy after 7.50265248s
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node master30.laoma.cloud as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node master30.laoma.cloud as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
[bootstrap-token] Using token: ybenal.6mszwb1nf8nck72g
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, if you are the root user, you can run:
export KUBECONFIG=/etc/kubernetes/admin.conf
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.1.8.30:6443 --token mi0yt8.1tzza4q64dr8y3pc \
--discovery-token-ca-cert-hash sha256:5606e09618330aee8859abe3ea4cd8734f9b540630048a6e1c3aaf6c54d486fd
选项说明:
--image-repository registry.aliyuncs.com/google_containers,指定镜像下载位置
--kubernetes-version=v1.30.2,指定版本
--pod-network-cidr=10.224.0.0/16,指定Pod网络的范围。 Kubernetes支持多种网络
方案, 而且不同网络方案对–pod-network-cidr有自己的要求。
--apiserver-advertise-address指明用哪个interface与Cluster的其他节点通信。 如果master有多个interface, 建议明确指定, 如果不指定, kubeadm会自动选择有默认网关的interface。
初始化过程说明:
- kubeadm执行初始化前的检查。
- 下载组件的镜像。 这一步可能会花一些时间, 主要取决于网络质量。
- 生成token和证书。
- 生成KubeConfig文件, kubelet需要用这个文件与master通信。
- 安装master组件。
- 安装附加组件kube-proxy和CoreDNS。
- Kubernetes master初始化成功。
- 提示如何配置kubectl。
- 提示如何安装Pod网络。
- 提示如何注册其他节点到Cluster。
配置集群
配置凭据
- kubectl默认使用~/.kube/config文件中凭据信息管理kubernetes。
[root@master30 ~ 19:22:41]# mkdir -p $HOME/.kube
[root@master30 ~ 19:22:43]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
- 如果环境变量KUBECONFIG存在,则优先使用境变量KUBECONFIG设置的值。
[root@master30 ~ 19:22:51]# mv .kube/config .
[root@master30 ~ 19:22:59]# export KUBECONFIG=/root/config
[root@master30 ~ 19:23:04]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master30.laoma.cloud NotReady control-plane,master 5m2s v1.28.2
# 等网络配置完成后,STATUS状态由NotReady变更为Ready
- 还可以通过选项
--kubeconfig=''明确指定凭据文件位置。
[root@master30 ~ 19:23:08]# kubectl get nodes --kubeconfig /root/config
kubernetes对凭据文件名没有要求。
[root@master30 ~ 19:23:14]# mv config kube.conf
[root@master30 ~ 19:23:19]# kubectl get nodes --kubeconfig kube.conf
- 恢复使用默认位置
~/.kube/config
[root@master30 ~ 19:23:23]# unset KUBECONFIG
[root@master30 ~ 19:23:28]# mv kube.conf .kube/config
部署网络
这里采用 calico 网络。
官方地址:http://projectcalico.org 或者 https://www.tigera.io/project-calico/
产品文档:https://projectcalico.docs.tigera.io/about/about-calico
项目地址:https://github.com/projectcalico/calico(提供镜像)
下载 calico 配置
[root@master30 ~ 19:23:34]# wget --no-check-certificate https://raw.githubusercontent.com/projectcalico/calico/v3.30.7/manifests/calico.yaml
修改 pod 网络
# 查看集群 pod 网络范围
[root@master30 ~ 19:23:49]# kubectl get cm -n kube-system kubeadm-config -o yaml|grep podSubnet
podSubnet: 10.224.0.0/16
# 更改 calico.yml,确保 CALICO_IPV4POOL_CIDR 与集群初始化的pod网络一致。
[root@master30 ~ 19:23:55]# sed -i "s|# - name: CALICO_IPV4POOL_CIDR|- name: CALICO_IPV4POOL_CIDR|g" calico.yaml
[root@master30 ~ 19:24:01]# sed -i "s|# value: \"192.*| value: \"10.224.0.0/16\"|g" calico.yaml
下载镜像
[root@master30 ~]# grep image: calico.yaml | uniq
image: docker.io/calico/cni:v3.30.7
image: docker.io/calico/node:v3.30.7
image: docker.io/calico/kube-controllers:v3.30.7
# 所有节点下载以上镜像
[root@all-node ~]# nerdctl pull docker.io/calico/cni:v3.30.7
[root@all-node ~]# nerdctl pull docker.io/calico/node:v3.30.7
[root@all-node ~]# nerdctl pull docker.io/calico/kube-controllers:v3.30.7
部署 calico 网络
[root@master30 ~]# kubectl apply -f calico.yaml
验证部署
[root@master30 ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-56fcbf9d6b-v6qsn 1/1 Running 0 28m
kube-system calico-node-vc9v6 1/1 Running 0 28m
kube-system coredns-6d8c4cb4d-9qdxg 1/1 Running 0 43m
kube-system coredns-6d8c4cb4d-wwfmx 1/1 Running 0 43m
kube-system etcd-master30.laoma.cloud 1/1 Running 0 43m
kube-system kube-apiserver-master30.laoma.cloud 1/1 Running 0 43m
kube-system kube-controller-manager-master30.laoma.cloud 1/1 Running 0 43m
kube-system kube-proxy-8b7tn 1/1 Running 0 43m
kube-system kube-scheduler-master30.laoma.cloud 1/1 Running 0 43m
节点加入集群
# 节点 worker31 加入集群
[root@worker31 ~ 19:28:23]#
kubeadm join 10.1.8.30:6443 --token yz9f22.5zj7ycn7288hshgy --discovery-token-ca-cert-hash sha256:5b72d350afd6610d54847025f2686e9981746068653f90a15d31d3d2c7588a1a
--discovery-token-ca-cert-hash sha256:5606e09618330aee8859abe3ea4cd8734f9b540630048a6e1c3aaf6c54d486fd
[preflight] Running pre-flight checks
[WARNING SystemVerification]: missing optional cgroups: blkio
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
# 节点 worker32 加入集群
[root@worker32 ~ 19:29:19]# kubeadm token create --print-join-command
kubeadm join 10.1.8.30:6443 --token yz9f22.5zj7ycn7288hshgy --discovery-token-ca-cert-hash sha256:5b72d350afd6610d54847025f2686e9981746068653f90a15d31d3d2c7588a1a
如果没有保存初始化界面中加入集群命令,可以通过以下命令获取加入集群命令:
[root@master30 ~ 19:29:45]# kubeadm token create --print-join-command
kubeadm join 10.1.8.30:6443 --token 6s76r9.homonlj0wbsweewr --discovery-token-ca-cert-hash sha256:5b72d350afd6610d54847025f2686e9981746068653f90a15d31d3d2c7588a1
验证部署
# 查看集群信息
[root@master30 ~]# kubectl cluster-info
Kubernetes control plane is running at https://10.1.8.30:6443
CoreDNS is running at https://10.1.8.30:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
# 查看版本
[root@master30 ~]# kubectl version
Client Version: v1.30.2
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: v1.30.2
# 查看节点状态
[root@master30 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master30.laoma.cloud Ready control-plane 9h v1.30.2
worker31.laoma.cloud Ready <none> 8h v1.30.2
worker32.laoma.cloud Ready <none> 8h v1.30.2
节点的状态为 Ready,必须满足以下条件:
- 网络配置完成
- 节点启动 kubelet 服务
- swap 关闭
- SELinux 关闭
# 查看 pod 状态
[root@master30 ~]# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-7cb4fd5784-jx2xl 1/1 Running 0 11m
kube-system calico-node-4b6s8 1/1 Running 0 11m
kube-system calico-node-bsr7v 1/1 Running 0 11m
kube-system calico-node-v8jdn 1/1 Running 0 11m
kube-system coredns-66f779496c-4j88h 1/1 Running 0 13m
kube-system coredns-66f779496c-fnb8m 1/1 Running 0 13m
kube-system etcd-master30.laoma.cloud 1/1 Running 0 13m
kube-system kube-apiserver-master30.laoma.cloud 1/1 Running 0 13m
kube-system kube-controller-manager-master30.laoma.cloud 1/1 Running 0 13m
kube-system kube-proxy-27vl2 1/1 Running 0 11m
kube-system kube-proxy-npv9h 1/1 Running 0 11m
kube-system kube-proxy-q2qrs 1/1 Running 0 11m
kube-system kube-scheduler-master30.laoma.cloud 1/1 Running 0 13m
Node and Cluster
学习参考:Node
查看节点
# 查看节点清单
[root@master30 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master30.laoma.cloud Ready control-plane 37h v1.30.2
worker31.laoma.cloud Ready <none> 36h v1.30.2
worker32.laoma.cloud Ready <none> 36h v1.30.2
# 查看特定节点详细信息
[root@master30 ~]# kubectl describe node worker31.laoma.cloud
删除节点
以 worker31 节点为例。
# 设置节点为维护模式
[root@master30 ~]# kubectl drain worker31.laoma.cloud --ignore-daemonsets
node/worker31.laoma.cloud cordoned
Warning: ignoring DaemonSet-managed Pods: kube-system/calico-node-v8jdn, kube-system/kube-proxy-27vl2
evicting pod kube-system/calico-kube-controllers-7cb4fd5784-jx2xl
pod/calico-kube-controllers-7cb4fd5784-jx2xl evicted
node/worker31.laoma.cloud drained
[root@master30 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master30.laoma.cloud Ready control-plane 41h v1.30.2
worker31.laoma.cloud Ready,SchedulingDisabled <none> 41h v1.30.2
worker32.laoma.cloud Ready <none> 41h v1.30.2
# 删除 worker31 节点
[root@master30 ~]# kubectl delete node worker31.laoma.cloud
node "worker31.laoma.cloud" deleted
[root@master30 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
master30.laoma.cloud Ready control-plane 41h v1.30.2
worker32.laoma.cloud Ready <none> 41h v1.30.2
# 重置删除的 worker31 节点
[root@worker31 ~]# kubeadm reset -f
[preflight] Running pre-flight checks
W1019 07:37:44.242023 7660 removeetcdmember.go:106] [reset] No kubeadm config, using etcd pod spec to get data directory
[reset] Deleted contents of the etcd data directory: /var/lib/etcd
[reset] Stopping the kubelet service
[reset] Unmounting mounted directories in "/var/lib/kubelet"
[reset] Deleting contents of directories: [/etc/kubernetes/manifests /var/lib/kubelet /etc/kubernetes/pki]
[reset] Deleting files: [/etc/kubernetes/admin.conf /etc/kubernetes/kubelet.conf /etc/kubernetes/bootstrap-kubelet.conf /etc/kubernetes/controller-manager.conf /etc/kubernetes/scheduler.conf]
The reset process does not clean CNI configuration. To do so, you must remove /etc/cni/net.d
The reset process does not reset or clean up iptables rules or IPVS tables.
If you wish to reset iptables, you must do so manually by using the "iptables" command.
If your cluster was setup to utilize IPVS, run ipvsadm --clear (or similar)
to reset your system's IPVS tables.
The reset process does not clean your kubeconfig files and you must remove them manually.
Please, check the contents of the $HOME/.kube/config file.
删除集群
删除集群流程:
- 删除所有 node
- 删除所有 master
具体步骤:
- 删除所有node节点
[root@master30 ~]# kubectl drain worker31.laoma.cloud --ignore-daemonsets --force
[root@master30 ~]# kubectl drain worker32.laoma.cloud --ignore-daemonsets --force
[root@master30 ~]# kubectl delete node worker31.laoma.cloud worker32.laoma.cloud
# 重置节点,注意执行位置
[root@worker31 ~]# kubeadm reset -f
[root@worker32 ~]# kubeadm reset -f
- 删除master节点
# 删除集群前获取集群配置
[root@master30 ~]# kubectl get cm kubeadm-config -n kube-system -o yaml > kubeadm.yml
# 修改kubeadm.yml内容如下:
[root@master30 ~]# vim kubeadm.yml
# 删除1-3和22-28行,效果如下
apiServer:
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.k8s.io
kind: ClusterConfiguration
kubernetesVersion: v1.30.2
networking:
dnsDomain: cluster.local
podSubnet: 10.224.0.0/16
serviceSubnet: 10.96.0.0/12
scheduler: {}
[root@master30 ~]# kubectl delete node master30.laoma.cloud
[root@master30 ~]# kubeadm reset -f
[root@master30 ~]# rm -fr .kube/
重建集群
# 初始化集群
[root@master30 ~]# kubeadm init --config kubeadm.yml
# 也可以使用之前的命令
[root@master30 ~]# kubeadm init --kubernetes-version=v1.30.2 --pod-network-cidr=10.224.0.0/16
# 配置凭据
[root@master30 ~]# mkdir -p $HOME/.kube
[root@master30 ~]# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@master30 ~]# sudo chown $(id -u):$(id -g) $HOME/.kube/config
# 配置网络
[root@master30 ~]# kubectl apply -f calico.yaml
# 加入集群
[root@worker31 ~]# kubeadm join 10.1.8.30:6443 --token ky95b9.sjg0fn21pdi1m0xz --discovery-token-ca-cert-hash sha256xxxxxxx
[root@worker32 ~]# kubeadm join 10.1.8.30:6443 --token ky95b9.sjg0fn21pdi1m0xz --discovery-token-ca-cert-hash sha256xxxxxxx
Namespace and Contexts
学习参考:Namespace
Namespace 介绍
**问题:**多个用户使用同一个Kubernetes Cluster, 如何将他们创建的资源隔离开呢?
答案:Namespace,简写ns,也称之为 project,代表资源集合,用于分组集群资源。Kubernetes 使用 Namespace 可以将一个物理的 Cluster 逻辑上划分成多个资源集合, 每个集合就是一个Namespace。 不同Namespace 里的资源是完全隔离的。
Kubernetes 默认创建以下Namespace:
- default: 创建资源时如果不指定Namespace, 将被放到这个Namespace中。
- kube-system: Kubernetes 自己创建的系统资源将放到这个Namespace中。
- kube-public:该命名空间中所有对象可以被所有用户(包括未验证身份的用户)读取。
- kube-node-lease:该命名空间含有与每个节点关联的Lease对象。节点租用允许kubelet发送heartbeat(心跳),以便控制平面能检测节点故障。
思考:所有对象都属于 Namespace 吗?
**答:**大多数Kubernetes资源(例如 pod、services、pvc等)都属于某个Namespace,但 Namespace 资源本身并不在 Namespace 中,更低级别资源(如Node和persistentVolumes)也不在任何Namespace中。
Namespace 管理
# 查看Namespace清单
[root@master30 ~]# kubectl get ns
NAME STATUS AGE
default Active 7d4h
kube-node-lease Active 7d4h
kube-public Active 7d4h
kube-system Active 7d4h
# 获取Namespace资源yaml格式定义文件
[root@master30 ~]# kubectl get ns default -o yaml
# 创建Namespace
[root@master30 ~]# kubectl create ns laoma
# 注意:命名空间名称满足正则表达式[a-z0-9]([-a-z0-9]*[a-z0-9])?,最大长度为63位
# 直接编辑Namespace
[root@master30 ~]# kubectl edit ns laoma
# 查看Namespace详细信息
[root@master30 ~]# kubectl describe ns laoma
Name: laoma
Labels: <none>
Annotations: <none>
Status: Active
No resource quota.
No LimitRange resource.
# 删除Namespace
[root@master30 ~]# kubectl delete ns laoma
namespace "laoma" deleted
# 注意:
# 删除一个namespace会自动删除该namespace中所有资源。
# default和kube-system命名空间不可删除。
Namespace 还可以通过 yaml 文件创建。
# ns-laoma.yaml
apiVersion: v1
kind: Namespace
metadata:
name: laoma
[root@master30 ~]# kubectl apply -f ns-laoma.yaml
namespace/laoma created
操作特定ns中对象,需要使用选项-n指定ns,例如:
[root@master30 ~]# kubectl run web --image=nginx -n laoma
pod/web created
[root@master30 ~]# kubectl get pod -n laoma -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
web 1/1 Running 0 39s 10.224.113.129 worker32.laoma.cloud <none> <none>
[root@master30 ~]# curl -s 10.224.113.129 | grep nginx
<title>Welcome to nginx!</title>
<h1>Welcome to nginx!</h1>
<p>If you see this page, nginx is successfully installed and working.
<a href="https://nginx.org/">nginx.org</a>.<br/>
<a href="https://community.nginx.org/">community.nginx.org</a>.<br/>
<a href="https://f5.com/nginx">f5.com/nginx</a>.</p>
<p><em>Thank you for using nginx.</em></p>
Namespace 切换
kubectl
查看当前所在ns
[root@master30 ~]# kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* kubernetes-admin@kubernetes kubernetes kubernetes-admin
此时NAMESPACE列对应的属性为空,不属于任何NAMESPACE。
设置默认ns
[root@master30 ~]# kubectl config set-context --current --namespace=laoma
Context "kubernetes-admin@kubernetes" modified.
[root@master30 ~]# kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* kubernetes-admin@kubernetes kubernetes kubernetes-admin laoma
此时,NAMESPACE 列对应的属性为 laoma。
kubens
kubens 安装
[root@master30 ~]# wget https://codeload.github.com/ahmetb/kubectx/zip/refs/heads/master -O kubectx.zip
[root@master30 ~]# unzip kubectx.zip
[root@master30 ~]# ls kubectx-master/
CONTRIBUTING.md README.md completion go.sum internal kubens
LICENSE cmd go.mod img kubectx test
[root@master30 ~]# cp kubectx-master/kubens /usr/local/bin/
[root@master30 ~]# chmod +x /usr/local/bin/kubens
# 配置补全
[root@master30 ~]# cp kubectx-master/completion/kubens.bash /etc/bash_completion.d/
[root@master30 ~]# source /etc/bash_completion.d/kubens.bash
kubens 命令使用
[root@master30 ~]# kubens -h
USAGE:
kubens : list the namespaces in the current context
kubens <NAME> : change the active namespace of current context
kubens - : switch to the previous namespace in this context
kubens -c, --current : show the current namespace
kubens -h,--help : show this message
[root@master30 ~]# kubens
default
kube-node-lease
kube-public
kube-system
laoma
[root@master30 ~]# kubens kube-system
[root@master30 ~]# kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* kubernetes-admin@kubernetes kubernetes kubernetes-admin kube-syste
[root@master30 ~]# kubectl get pods
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-7cb4fd5784-dqv6n 1/1 Running 0 19m
calico-node-5k2bp 1/1 Running 0 18m
calico-node-6vpt6 1/1 Running 0 19m
calico-node-7x82d 1/1 Running 0 19m
coredns-66f779496c-h89xx 1/1 Running 0 19m
coredns-66f779496c-zqqxd 1/1 Running 0 19m
etcd-master30.laoma.cloud 1/1 Running 2 19m
kube-apiserver-master30.laoma.cloud 1/1 Running 2 19m
kube-controller-manager-master30.laoma.cloud 1/1 Running 2 19m
kube-proxy-7l9pr 1/1 Running 0 19m
kube-proxy-9djwp 1/1 Running 0 19m
kube-proxy-n2bk9 1/1 Running 0 18m
kube-scheduler-master30.laoma.cloud 1/1 Running 2 19m
智能硬件社区聚焦AI智能硬件技术生态,汇聚嵌入式AI、物联网硬件开发者,打造交流分享平台,同步全国赛事资讯、开展 OPC 核心人才招募,助力技术落地与开发者成长。
更多推荐
5
0- 0
已为社区贡献2条内容
所有评论(0)