Pod
| 현재 네임스페이스의 pods 리스트 | kubectl get pods |
| 모든 네임스페이드 대상 pods 리스트 | kubectl get pods --all-namespaces |
| 현재 네임스페이스와 상세 정보 | kubectl get pods -o wide |
| kube-system 네임스페이스 pods | kubectl get -n kube-system pods -a |
| my-pod 대상 yaml 출력 | kubectl get pod my-pod -o yaml |
| pod 상세 정보 | kubectl describe pod/<pod name> ex) kubectl describe pod/weave-net-2hn7s -n kube-system |
| List all pods with labels | kubectl get pods --show-labels |
| List running pods | kubectl get pods --field-selector=status.phase=Running --all-namespaces |
| Watch pods | kubectl get pods -n <namespace> --watch |
| List pods and containers | kubectl get pods --all-namespaces -o='custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name' |
| List pods, containers and images | kubectl get pods --all-namespaces -o='custom-columns=PODS:.metadata.name,CONTAINERS:.spec.containers[*].name,Images:.spec.containers[*].image' |
| Scale out Deployment | kubectl scale --replicas=3 ds <name> |
| 특정 namespace pods상세 보기 |
kubectl describe pods -n audacity
|
Resources Deletion
| Delete pod | kubectl delete pod/<pod-name> -n <my-namespace> |
| yaml 파일로 만들어진 pod, deployment, service 등 삭제 | kubectl delete -f <nameofyaml>.yaml |
| yaml 파일로 만들어진 pod, deployment, service 등 생성 | kubectl apply -f <nameofyam>.yaml |
| Delete pod by force | kubectl delete pod/<pod-name> --grace-period=0 --force |
| Delete pods by labels | kubectl delete pod -l <key>=<label> |
| Delete deployments by labels | kubectl delete deployment -l <key>=<label> |
| Delete all resources filtered by labels | kubectl delete pods,services -l <key>=<label> |
| Delete resources under a namespace | kubectl -n <namespace> delete po,svc --all |
| eks cluster 삭제 | eksctl delete cluster --name <<클러스터 명>> 예) eksctl delete cluster --name eksctl-demo |
Service
| List all services | kubectl get services --all-namespaces |
| List service endpoints | kubectl get endpoints --all-namespaces |
| Get service detail in YAML | kubectl get service <servicename> -n <namespace> -o yaml |
| Get service cluster ip | kubectl get service <servicename> -n <namespace> -o go-template='{{.spec.clusterIP}}' |
| Get service cluster port | kubectl get service <servicename> -n <namespace> -o go-template='{{(index .spec.ports 0).port}} |
| 특정 deployment를 clusterip로 expose하기 | kubectl expose deployment <<deployment name>> -n <<namespace>> kubectl expose deployment canary-v1 -n udacity |
| 특정 service를 yaml로 확인하기 | kubectl get service <<service name>> -n <<namespace>> -o yaml kubectl get service canary-v1 -n udacity -o yaml |
Events & Metrics
| View all events | kubectl get events --all-namespaces |
| List Events sorted by timestamp | kubectl get events --sort-by=.metadata.creationTimestamp |
Namespace & Security
| List authenticated contexts | kubectl config get-contexts |
| Load context from config file | kubectl get cs --kubeconfig <kubeconfig file>.yml |
| 기본 config 파일 수정 | export KUBECONFIG="<<config 파일 위치>>" ex) export KUBECONFIG="C:\\Users\\home\\.kube\config" kubectl config view |
| Switch context | kubectl config use-context <cluster-name> |
| Delete the specified context | kubectl config delete-context <cluster-name> |
| List all namespaces defined | kubectl get namespaces |
| namespace 생성 | kubectl create namespace <<namespace_name>> 예)kubectl create namespace monitoring |
| 기본 namespace 변경하기 | kubectl config set-context --current --namespace=<<namespace>> kubectl config set-context --current --namespace=udacity |
| List certificates | kubectl get csr --all-namespaces |
| aws IAM User 변경 | kubectl edit configmap aws-auth -n kube-system |
| cofigmap 조회 | kubectl get configmap -n udacity |
| configmap 상세 조회 | kubectl describe configmap/canary-config-v1 -n udacity |
Intermediate Commands
| Run curl test temporarily | kubectl run --rm mytest --image=yauritux/busybox-curl -it |
| Run wget test temporarily | kubectl run --rm mytest --image=busybox -it |
| Run nginx deployment with 2 replicas | kubectl run my-nginx --image=nginx --replicas=2 --port=80 |
| Set namespace preference | kubectl config set-context $(kubectl config current-context) --namespace=<ns1> |
| List everything | kubectl get all --all-namespaces |
| Get all services | kubectl get service --all-namespaces |
| Show nodes with labels | kubectl get nodes --show-labels |
| Validate YAML file with dry run | kubectl create --dry-run --validate -f <YAML File> |
| kubectl run shell command | kubectl exec -it <podname> -- ls -l /etc/hosts |
| Get system conf via configmap | kubectl -n kube-system get cm kubeadm-config -o yaml |
| Get deployment YAML | kubectl -n <namespace> get deployment <deploymentname> -o yaml |
| Explain resource | kubectl explain <resource> |
| Open a bash terminal in a pod | kubectl exec -it <pod> -n <namespace> sh kubectl exec --stdin --tty hello-8445fd55cb-s9bps -- /bin/sh |
| Check pod environment variables | kubectl exec <pod> -n <namespace> env |
| Get pods sorted by restart count | kubectl get pods --sort-by='.status.containerStatuses[0].restartCount' --all-namespaces |
| List all container images | kubectl get pods –all-namespaces -o jsonpath=“{..image}” | tr -s ‘[[:space:]]’ ‘\n’ | sort | uniq -d |
Registry Commands
| 업로드할 registry image tag | docker image tag <image name>:<image version> <registry url>:<registry port>/<name>/<image name>:<image version> ex)docker image tag image-name:10.1.1 mysite.registry.com:4000/myname/image-name:10.1.1 |
| registry에 image push | docker image push mysite.registry.com:4000/myname/image-name:10.1.1 |
| diable https registry | //docker { "insecure-registries" : ["myregistrydomain.com:5000"] } //podman v2 [[registry]] location = "myregistrydomain.com:5000" insecure = true snap : /var/snap/docker/current/config/deamon.json podman: /etc/containers/registries.conf default: /etc/docker/deamon.json |
| download the custom registry image | docker pull myregistrydomain.com:5000/myname/image-name:10.1.1 podman pull myregistrydomain.com:5000/myname/image-name:10.1.1 |
Logs Commands
| 특정 pod logs 확인 |
kubectl logs pod/ops-view-655b7b5cc8-6kh7l -n udacity
|
user management Commands
| 특정 namespace serviceaccount 가져오기 |
kubectl get serviceaccount -n udacity
|
| service account 상세 보기 |
kubectl describe serviceaccount kube-ops-view -n udacity
|
| service account 만들기 | kubectl describe serviceaccount <<account name>> -n <<namespace>> kubectl describe serviceaccount ops-view -n udacity |
| clusterrolebinding 만들기 (role과 service account 연결) https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles |
kubectl create clusterrolebinding <<binding name>> --clusterrole=<<target role>> --serviceaccount <<target service account>> -n <<name space> kubectl create clusterrolebinding ops-view-binding --clusterrole=cluster-admin --serviceaccount udacity:ops-view -n udacity |
| clusterrolebinding 상세 보기 | kubectl describe clusterrolebinding <<binding name>> kubectl describe clusterrolebinding ops-view-binding |
| role binding된 service account를 특정 pod에 붙이기 위해서는 yml spec이하에 serviceAccountName을 기입하고 재 apply 해야함 |
apiVersion: apps/v1
kind: Deployment
metadata:
name: ops-view
namespace: udacity
spec:
replicas: 1
selector:
matchLabels:
app: ops-view
template:
metadata:
labels:
app: ops-view
spec:
serviceAccountName: ops-view
containers:
- name: ops-view
image: hjacobs/kube-ops-view
ports:
- containerPort: 8080
restartPolicy: Always
|
Deployment
| 특정 namespace deployment 가져오기 |
kubectl describe deployment/nginx-basic -n udacity
|
| 특정 deployment pods 삭제하기 |
kubectl delete deployment/nginx-basic -n udacity
|
| 특정 deployment의 docker version update하기 | kubectl set image deployment <<deployment name>> <<container name>>=<<image:version>> --record -n <<namespace>> kubectl set image deployment nginx-rolling nginx=nginx:1.21.1 --record -n udacity |
| rollout 상태 확인하기 | kubectl rollout status deployment/<<name>> -n <<namespace>> kubectl rollout status deployment/nginx-rolling -n udacity |
| rollout 일시정지 시키기 | kubectl rollout pause deployment/<<name>> -n <<namespace>> kubectl rollout pause deployment/nginx-rolling -n udacity |
| rollout 재실행 | kubectl rollout resume deployment/nginx-rolling -n udacity |
| rollout 취소 | kubectl rollout undo deployment/nginx-rolling -n udacity |
| rollout 기록 보기 | kubectl rollout history deployment/nginx-rolling -n udacity |
Secrets
| Secrets list 갖어오기 |
kubectl get secrets -A
|
| Secrets 삭제하기 | kubectl delete secrets <<name>> -n <<name space>> 예)kubectl delete secrets additional-scrape-configs -n monitoring |
| secret 추가하기 | kubectl create secret generic <<name>> --from-file=<<file명>> --namespace <<name space>> 예) kubectl create secret generic additional-scrape-configs --from-file=prometheus-additional.yaml --namespace monitoring |
Helm 명령어
| helm의 모든 리스트 |
helm list -A
|
| helm package 삭제 | helm uninstall prometheus-blackbox-exporter -n monitoring |
| helm package install | helm install <<name>> <<package-name>> -f "<<config file>>" --namespace <<name space>> 예) helm install prometheus-blackbox-exporter prometheus-community/prometheus-blackbox-exporter -f "blackbox_values.yaml" --namespace monitoring |
eks 명령어
| aws에 eks cluster 정보를 local kubernetes에 업데이트 한다 | aws eks update-kubeconfig --region <<region명>> --name <<cluster명>> 예)aws eks update-kubeconfig --region us-east-2 --name udacity-cluster |
728x90
반응형
'AWS' 카테고리의 다른 글
| kubectl 1.24 error: exec plugin: invalid apiVersion "client.authentication.k8s.io/v1alpha1" (0) | 2022.06.11 |
|---|---|
| EKS prometheus and grafana 설치하기 (0) | 2022.02.07 |
| AWS CLI 명령어 모음 (계속) (0) | 2022.02.06 |
| windows aws cli update (0) | 2022.01.14 |
| Kubernetes Docker alpine cpu memory process monitoring (0) | 2022.01.13 |