使用kubectl和kubectx轻松管理多个Kubernetes集群
时间:2020-02-23 14:31:46 来源:igfitidea点击:
Kubectl是一个命令行实用程序,用于控制和管理Kubernetes集群以及运行它们的对象。 Kubectl使我们可以创建,修改和删除各种Kubernetes资源,例如Deployments,Pod,Services,切换上下文,甚至访问容器shell。
首先从安装kubectl开始,然后进行必要的配置,以在使用kubectl从CLI管理Kubernetes集群时提高效率。请注意,在使用本教程之前,我们应该有一个正常的Kubernetes集群。
在Linux和macOS上安装Kubectl
通过安装Kubernetes集群,我们必须已安装kubectl作为基本要求。但这意味着我们需要登录到主节点才能运行kubectl命令。我们可以在本地Linux或者macOS计算机上安装kubectl。
在Linux上安装Kubectl
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl chmod +x ./kubectl sudo mv ./kubectl /usr/local/bin/kubectl
确认我们安装了kubectl。
$kubectl version
Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-13T11:23:11Z", GoVersion:"go1.12.12", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3-k3s.2", GitCommit:"e7e6a3c4e9a7d80b87793612730d10a863a25980", GitTreeState:"clean", BuildDate:"2019-11-18T18:31:23Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"linux/amd64"}
在macOS上安装Kubectl
对于macOS,运行以下命令。
curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/darwin/amd64/kubectl" chmod +x ./kubectl sudo mv ./kubectl /usr/local/bin/kubectl kubectl version
配置Kubectl
kubectl工具在$HOME/.kube目录中查找名为config的文件,但是可以使用--kubeconfig选项指定一个单独的文件。 kubeconfig文件可组织有关集群,用户,名称空间和身份验证机制的信息。
$ls $HOME/.kube/config /home/jmutai/.kube/config
在此配置中,我们需要设置以下元素:集群要配置对集群的访问,我们需要知道集群的位置并具有访问它的凭据。在集群部分,我们将设置证书授权数据,访问URL以及集群的名称。上下文:上下文元素用于将访问参数分组为一个方便的名称。配置文件中的每个上下文都应具有三个参数:cluster,namespace和user.users:指定用于访问及其凭据。
对于单个群集,配置文件将类似于以下内容。
cat .kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJWakNCL3FBREFnRUNBZ0VBTUFvR0NDcUdTTTQ5QkFNQ01DTXhJVEFmQmdOVkJBTU1HR3N6Y3kxelpYSjIKWlhJdFkyRkFNVFUzTkRNNE16ZzJOVEFlRncweE9URXhNakl3TURVeE1EVmFGdzB5T1RFeE1Ua3dNRFV4TURWYQpNQ014SVRBZkJnTlZCQU1NR0dzemN5MXpaWEoyWlhJdFkyRkFNVFUzTkRNNE16ZzJOVEJaTUJNR0J5cUdTTTQ5CkFnRUdDQ3FHU000OUF3RUhBMElBQkpsb3NSY1FRTHlsL28yeFltQ0l4eHdsZ1F3ZTdlU1dxQmNaRFQ3Q2xJcXoKNnB4R24yb2w3MHM3N3dpcTNaRnkrSW0vdFhHSW16Y3N6MHFNYUpjUy9rV2pJekFoTUE0R0ExVWREd0VCL3dRRQpBd0lDcERBUEJnTlZIUk1CQWY4RUJUQURBUUgvTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDSUVJcjZ6NGRMUUw1Ck8wSUN3ejBWUEdhYUs0bEU3bFU3SmJXTWhoRk9vcDh1QWlBKzZhcG9NMFVtZ1IxYkFBeWNaS0VHL3AzQWRhWmEKMWV3TGxmUkxiWkJwa3c9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://127.0.0.1:6443
name: default
contexts:
- context:
cluster: default
user: default
name: default
current-context: default
kind: Config
preferences: {}
users:
- name: default
user:
password: 76dd75552cb14f3085445277a2091c6c
username: admin
获取群集URL,CA数据和用户凭据,然后替换为文件。
多个集群的Kubectl配置
以下是四个Kubernetes集群的模板配置文件,即:k8s-dev上下文是k8s-dev,用户是k8s-dev-admin.k8s-staging上下文是k8s-staging,用户是k8s-staging-admin.k8s-qa上下文是k8s-qa,用户是k8s-qa-admin。k8s-prod上下文是k8s-prod,用户是k8s-prod-admin。
每个群集都有一个唯一的名称,关联的上下文和用户。
apiVersion: v1
kind: Config
preferences: {}
clusters:
- cluster:
certificate-authority-data:
server:
name: k8s-dev
- cluster:
certificate-authority-data:
server:
name: k8s-staging
- cluster:
certificate-authority-data:
server:
name: k8s-qa
- cluster:
certificate-authority-data:
server:
name: k8s-prod
contexts:
- context:
cluster: k8s-dev
user: k8s-dev-admin
name: k8s-dev
- context:
cluster: k8s-staging
user: k8s-staging-admin
name: k8s-staging
- context:
cluster: k8s-qa
user: k8s-qa-admin
name: k8s-qa
- context:
cluster: k8s-prod
user: k8s-prod-admin
name: k8s-prod
users:
- name: k8s-dev-admin
user:
password:
username:
- name: k8s-staging-admin
user:
client-certificate-data:
client-key-data:
- name: k8s-qa-admin
user:
client-certificate-data:
client-key-data:
- name: k8s-prod-admin
user:
client-certificate-data:
client-key-data:
修改模板以适合用例,然后将内容粘贴到$HOME/.kube/config中。
使用Kubectl在上下文之间切换
查看当前上下文:
$kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* k8s-dev k8s-dev k8s-dev-admin kube-system
k8s-staging k8s-staging k8s-staging-admin kube-system
k8s-qa k8s-qa k8s-qa-admin kube-system
k8s-prod k8s-prod k8s-prod-admin kube-system
要切换到其他上下文,请使用:
$kubectl config use-context k8s-prod Switched to context "k8s-prod". $kubectl config use-context k8s-staging Switched to context "k8s-staging".
测试:
$ kubectl get nodes NAME STATUS ROLES AGE VERSION k3s-master01 Ready master 10d v1.16.3-k3s.2 k3s-worker01 Ready <none> 9d v1.16.3-k3s.2 k3s-worker02 Ready <none> 9d v1.16.3-k3s.2
使用kubectx和kubens轻松进行上下文和命名空间切换
kubectx在集群之间来回切换,而kubens在Kubernetes命名空间之间平稳地切换:
安装kubectx和kubens
wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubectx wget https://raw.githubusercontent.com/ahmetb/kubectx/master/kubens chmod +x kubectx kubens sudo mv kubens kubectx /usr/local/bin
用法页面:
$kubectx --help
USAGE:
kubectx : list the contexts
kubectx <NAME> : switch to context <NAME>
kubectx - : switch to the previous context
kubectx -c, --current : show the current context name
kubectx <NEW_NAME>=<NAME> : rename context <NAME> to <NEW_NAME>
kubectx <NEW_NAME>=. : rename current-context to <NEW_NAME>
kubectx -d <NAME> [<NAME...>] : delete context <NAME> ('.' for current-context)
(this command won't delete the user/cluster entry
that is used by the context)
$kubens --help
USAGE:
kubens : list the namespaces in the current context
kubens <NAME> : change the active namespace of current context
kubens - : switch to the previous namespace in this context
kubens -c, --current : show the current namespace
kubens -h,--help : show this message
例子:
# Get all contexts $kubectx k8s-dev k8s-staging k8s-qa k8s-prod # Switch to prod context $kubectx k8s-prod # Get all namespaces in k8s-prod context $kubens # Switch to a namespace $kubens <namespacename>
