Kubectl: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
<syntaxhighlight lang="bash"> | |||
brew info kubectl | |||
brew search kubectl | |||
brew install kubectl | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key\ | curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key\ | ||
| sudo | | sudo tee /etc/apt/keyrings/kubernetes.asc >/dev/null | ||
cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list >/dev/null | cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list >/dev/null | ||
deb [arch=$(dpkg --print-architecture)\ | deb [arch=$(dpkg --print-architecture)\ | ||
signed-by=/etc/apt/keyrings/kubernetes | signed-by=/etc/apt/keyrings/kubernetes.asc]\ | ||
https://pkgs.k8s.io/core:/stable:/v1.30/deb/ / | https://pkgs.k8s.io/core:/stable:/v1.30/deb/ / | ||
EOF | EOF | ||
echo 'apt-get update;echo;apt list -a --upgradable'|sudo bash | |||
echo 'apt-get install -y kubectl'|sudo bash | |||
kubectl version --client --output=json|jq . | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Line 45: | Line 52: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== | ==Swiss Knife== | ||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
kubectl run -i --tty --rm debug --image=busybox --restart=Never -- sh | kubectl run -i --tty --rm debug --image=busybox --restart=Never -- sh | ||
Line 223: | Line 230: | ||
kubectl get all -n ingress-nginx | kubectl get all -n ingress-nginx | ||
apk add inetutils-telnet | apk add inetutils-telnet | ||
|- | |||
|colspan='3'| | |||
---- | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang="bash"> | |||
kubectl config set-context minikube --cluster=minikue | |||
kubectl config set-context minikube | |||
kubectl config get-contexts | |||
kubectl config get-clusters | |||
kubectl config view | |||
</syntaxhighlight> | |||
|valign='top'| | |||
|valign='top'| | |||
|} | |} | ||
Line 253: | Line 277: | ||
| valign="top" | | | valign="top" | | ||
* [https://www.alibabacloud.com/blog/pause-resume-and-scale-kubernetes-deployments_595019 K8s » Pause, Resume and Scale Deployments] | |||
* [https://stackoverflow.com/questions/52369247/ K8s » Namespace "stuck" as Terminating] | |||
* [https://stackoverflow.com/questions/72465216/ K8s » Resources Short Names] | * [https://stackoverflow.com/questions/72465216/ K8s » Resources Short Names] | ||
* [https://min.io/docs/minio/kubernetes/upstream/index.html K8s » MinIO] | * [https://min.io/docs/minio/kubernetes/upstream/index.html K8s » MinIO] | ||
Line 272: | Line 298: | ||
| valign="top" | | | valign="top" | | ||
* [https://kubernetes.io/docs/tasks/extend-kubectl/kubectl-plugins/ <code>kubectl</code> » Extend with plugins] | |||
* [https://security.snyk.io/ Snyk Vulnerability DB] | * [https://security.snyk.io/ Snyk Vulnerability DB] | ||
* [[Linuxbrew]] | |||
* [https://sysdig.com/ Sysdig] | * [https://sysdig.com/ Sysdig] | ||
* [[EKSctl]] | |||
| valign="top" | | | valign="top" | | ||
|} | |} |
Latest revision as of 19:19, 24 November 2024
brew info kubectl
brew search kubectl
brew install kubectl
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key\
| sudo tee /etc/apt/keyrings/kubernetes.asc >/dev/null
cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list >/dev/null
deb [arch=$(dpkg --print-architecture)\
signed-by=/etc/apt/keyrings/kubernetes.asc]\
https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /
EOF
echo 'apt-get update;echo;apt list -a --upgradable'|sudo bash
echo 'apt-get install -y kubectl'|sudo bash
kubectl version --client --output=json|jq .
Kubeconfig
Kubernetes components like kubelet
, kube-controller-manager
, or kubectl
use the kubeconfig
file to interact with the Kubernetes API. Usually, the kubectl
or oc
commands use the kubeconfig
file.
The kubeconfig
file's default location for kubectl
or oc
is the ~/.kube
directory. Instead of using the full kubeconfig
name, the file is just named config. The default location of the kubeconfig
file is ~/.kube/config
. There are other ways to specify the kubeconfig
location, such as the KUBECONFIG
environment variable or the kubectl --kubeconfig
parameter.
The kubeconfig
file is a YAML file containing groups of clusters, users, and contexts.
- A cluster is a Kubernetes or OpenShift cluster.
- A user is a credential used to interact with the Kubernetes API.
- A context is a combination of a cluster and a user. Every time you execute an
oc
orkubectl
command, you reference a context insidekubeconfig
.
export KUBECONFIG=$HOME/.kube/chorke-academia-kubeconfig.yaml
chmod 600 $HOME/.kube/chorke-academia-kubeconfig.yaml
Kube Export
for n in $(kubectl get -o=name pvc,configmap,serviceaccount,\
secret,ingress,service,deployment,statefulset,hpa,job,cronjob);do
mkdir -p $(dirname $n); kubectl get -o=yaml --export $n > $n.yaml
done
for n in $(kubectl get -o=name pvc,configmap,ingress,service,secret,\
deployment,statefulset,hpa,job,cronjob | grep -v 'secret/default-token');do
kubectl get -o=yaml --export $n > $(dirname $n)_$(basename $n).yaml
done
Swiss Knife
kubectl run -i --tty --rm debug --image=busybox --restart=Never -- sh
kubectl run -i --tty --rm debug --image=alpine --restart=Never -- sh
apk add inetutils-telnet
kubectl config view --minify -o jsonpath='{.clusters[].name}'
kubectl cluster-info
kubectl config view
K8s Lens
# install from snapcraft
sudo snap install kontena-lens --classic
# license version
curl -fsSL https://downloads.k8slens.dev/keys/gpg\
| sudo gpg --dearmor -o /etc/apt/keyrings/k8slens.gpg
cat << EOF | sudo tee /etc/apt/sources.list.d/k8slens.list >/dev/null
deb [arch=$(dpkg --print-architecture)\
signed-by=/etc/apt/keyrings/k8slens.gpg]\
https://downloads.k8slens.dev/apt/debian stable main
EOF
sudo apt install lens
lens-desktop
Shortnames
kubectl api-resources
Kind | Name | Shortnames | Kind | Name | Shortnames | |
---|---|---|---|---|---|---|
Binding | bindings |
LocalSubjectAccessReview | localsubjectaccessreviews |
|||
ComponentStatus | componentstatuses |
cs |
SelfSubjectAccessReview | selfsubjectaccessreviews |
||
ConfigMap | configmaps |
cm |
SelfSubjectRulesReview | selfsubjectrulesreviews |
||
Endpoints | endpoints |
ep |
SubjectAccessReview | subjectaccessreviews |
||
Event | events |
ev |
HorizontalPodAutoscaler | horizontalpodautoscalers |
hpa
| |
LimitRange | limitranges |
limits |
CronJob | cronjobs |
cj
| |
Namespace | namespaces |
ns |
Job | jobs |
||
Node | nodes |
no |
CertificateSigningRequest | certificatesigningrequests |
csr
| |
PersistentVolumeClaim | persistentvolumeclaims |
pvc |
Lease | leases |
||
PersistentVolume | persistentvolumes |
pv |
EndpointSlice | endpointslices |
||
Pod | pods |
po |
Event | events |
ev
| |
PodTemplate | podtemplates |
FlowSchema | flowschemas |
|||
ReplicationController | replicationcontrollers |
rc |
PriorityLevelConfiguration | prioritylevelconfigurations |
||
ResourceQuota | resourcequotas |
quota |
NodeMetrics | nodes |
||
Secret | secrets |
PodMetrics | pods |
|||
ServiceAccount | serviceaccounts |
sa |
IngressClass | ingressclasses |
||
Service | services |
svc |
Ingress | ingresses |
ing
| |
MutatingWebhookConfiguration | mutatingwebhookconfigurations |
NetworkPolicy | networkpolicies |
netpol
| ||
ValidatingAdmissionPolicy | validatingadmissionpolicies |
RuntimeClass | runtimeclasses |
|||
ValidatingAdmissionPolicyBinding | validatingadmissionpolicybindings |
PodDisruptionBudget | poddisruptionbudgets |
pdb
| ||
ValidatingWebhookConfiguration | validatingwebhookconfigurations |
ClusterRoleBinding | clusterrolebindings |
|||
CustomResourceDefinition | customresourcedefinitions |
crd,crds |
ClusterRole | clusterroles |
||
APIService | apiservices |
RoleBinding | rolebindings |
|||
ControllerRevision | controllerrevisions |
Role | roles |
|||
DaemonSet | daemonsets |
ds |
PriorityClass | priorityclasses |
pc
| |
Deployment | deployments |
deploy |
CSIDriver | csidrivers |
||
ReplicaSet | replicasets |
rs |
CSINode | csinodes |
||
StatefulSet | statefulsets |
sts |
CSIStorageCapacity | csistoragecapacities |
||
SelfSubjectReview | selfsubjectreviews |
StorageClass | storageclasses |
sc
| ||
TokenReview | tokenreviews |
VolumeAttachment | volumeattachments |
Knowledge
kubectl get deployment -A kubectl get configmap -A kubectl get service -A kubectl get secret -A kubectl get event -A kubectl get pod -A |
kubectl config --kubeconfig=./demo-config view --minify kubectl config view --minify kubectl config view kubectl get -n=argocd -o=yaml secret argocd-initial-admin-secret echo RE83Uk81QTU5clZyLTlsdg== | base64 --decode |
kubectl get pod academia-<hash> -n chorke -o yaml kubectl describe pod academia-<hash> -n chorke kubectl logs pod academia-<hash> -n chorke -p kubectl delete pod academia-<hash> -n chorke kubectl edit pod academia-<hash> -n chorke kubectl get pod academia-<hash> -n chorke |
| ||
kubectl get -n=argocd configmap kubectl get -n=argocd deployment kubectl get -n=argocd service kubectl get -n=argocd secret kubectl get -n=argocd event kubectl get -n=argocd pod |
kubectl edit -n=argocd configmap argocd-rbac-cm kubectl edit -n=argocd configmap argocd-cm kubectl edit -n=argocd deployment argocd-redis kubectl edit -n=argocd service argocd-redis kubectl edit -n=argocd secret argocd-secret kubectl edit -n=argocd pod argocd-app-ctrl-0 |
kubectl get -n=argocd -o=yaml configmap argocd-rbac-cm kubectl get -n=argocd -o=yaml configmap argocd-cm kubectl get -n=argocd -o=yaml deployment argocd-redis kubectl get -n=argocd -o=yaml service argocd-redis kubectl get -n=argocd -o=yaml secret argocd-secret kubectl get -n=argocd -o=yaml pod argocd-app-ctrl-0 |
| ||
sudo ss -tulwn | grep LISTEN sudo ss -tulpn | grep LISTEN sudo ss -tulpn | grep LISTEN | grep sshd sudo ss -tulpn | grep LISTEN | grep minio sudo ss -tulpn | grep LISTEN | grep resolve |
sudo lsof -i -P -n | grep LISTEN kubectl describe service academia -n academia kubectl describe service academia-auth -n academia nslookup <service-name>.<namespace>.svc.<cluster-domain> |
nslookup <service-name>.<namespace>.svc.cluster.local nslookup academia-auth.academia.svc.cluster.local kubectl get all -n ingress-nginx apk add inetutils-telnet |
| ||
kubectl config set-context minikube --cluster=minikue
kubectl config set-context minikube
kubectl config get-contexts
kubectl config get-clusters
kubectl config view
|
References
| ||