一些自用的kubectl命令

重启pod

NAME_SPACE=default
kubectl get pod podname -n=${NAME_SPACE} -o yaml | kubectl replace --force -f  - 

强制删除pod

解决:加参数--force --grace-period=0
grace-period表示过渡存活期,默认30s,在删除POD之前允许POD慢慢终止其上的容器进程,从而优雅退出
0表示立即终止POD

kubectl delete pod <your-pod-name> -n=<name-space> --force --grace-period=0

根据状态过滤批量操作

过滤条件: ImagePullBackOff|CrashLoopBackOff|Evicted|Terminating

NAME_SPACE=default

## 删除所有ImagePullBackOff或CrashLoopBackOff的pod
kubectl get pods -n=${NAME_SPACE} | grep -E 'ImagePullBackOff|CrashLoopBackOff'  | awk '{print $1}' | xargs kubectl delete pod  -n=${NAME_SPACE}

## 重启所有evicted或Terminating的pod
kubectl get pods -n=${NAME_SPACE} | grep -E 'Evicted|Terminating'  | awk '{print $1}' | xargs kubectl get pod  -n=${NAME_SPACE} -o yaml | kubectl replace --force -f  - 

pod-forward


kubectl port-forward --address 0.0.0.0 pod/pod名称 暴露端口:内部端口
kubectl port-forward --address 0.0.0.0 service/service名称 暴露端口:内部端口

kubectl expose

kubectl -n=default delete svc log-np

kubectl -n=default expose pod log-0 --name=log-np --type=NodePort  --overrides \
'{ "apiVersion": "v1","spec":{"ports": [{"port":9200,"protocol":"TCP","targetPort":9200,"nodePort":30792}]}}'

kubectl -n=default expose pod manager-0 --name=manager-np --type=NodePort  --overrides \
'{ "apiVersion": "v1","spec":{"ports": [{"protocol":"TCP","port":5000,"targetPort":5000,"nodePort":30750}]}}'


xargs查看pod日志

NAME_SPACE=bigdata
POD_NAME="kafka-clean"

kubectl -n=${NAME_SPACE} get pods | grep $POD_NAME | awk '{print $1}' | xargs  kubectl -n=${NAME_SPACE} logs

生成kubernetes集群最高权限admin用户的token

参考:https://jimmysong.io/kubernetes-handbook/guide/auth-with-kubeconfig-or-token.html

cat <<EOF >./my-admin-role.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: my-admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: my-admin
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

EOF

# 创建
kubectl create -f my-admin-role.yaml
# 获取token的值
kubectl -n kube-system describe secret $(kubectl -n kube-system  get secret | grep 'my-admin-token' | awk '{print $1}')

生成kubernetes集群最高权限admin用户的token(高版本)

参考:https://blog.csdn.net/wuchenlhy/article/details/128578633

cat <<EOF >./my-admin-role.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: my-admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: my-admin
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: v1
kind: Secret
metadata:
  name: my-admin-secret
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: my-admin
type: kubernetes.io/service-account-token

EOF

kubectl create -f my-admin-role.yaml
kubectl -n kube-system describe secret my-admin-secret

启用kubectl proxy

nohup kubectl proxy --address='0.0.0.0' --accept-hosts='^*$'  --reject-paths=' ' --port=18880   &  

获取当前kubeconfig

kubectl config view --minify --raw

根据pv自动创建pvc

创建create_pvc.sh脚本,内容如下,使用类似./create_pvc.sh pv001 default调用即可
也可直接修改参数,执行以下语句

#!/bin/bash

pv_name=$1
namespace=$2

storage=$(kubectl get pv ${pv_name} -o yaml | grep storage: | awk '{print $2}')
storageClassName=$(kubectl get pv ${pv_name} -o yaml | grep storageClassName: | awk '{print $2}')

cat <<EOF | kubectl create -f -
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: ${namespace}
  name: ${pv_name}
spec:
  accessModes:
    - ReadWriteMany
  resources:  
    requests:
      storage: ${storage}
  storageClassName: ${storageClassName}
  volumeName: ${pv_name}
EOF

Q.E.D.