查看所有 namespace 下的 pods
[root@liqiang.io]# kubectl get pods --all-namespaces -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
cattle-system cattle-cluster-agent-6cd74cc467-jc2kg 1/1 Running 0 14m 10.244.1.4 host-632 <none> <none>
cattle-system cattle-node-agent-x8pb6 1/1 Running 0 22m 192.168.63.2 host-632 <none> <none>
kube-system coredns-5c98db65d4-45dwm 1/1 Running 0 51m 10.244.0.3 host-79 <none> <none>
kube-system coredns-5c98db65d4-qqd9s 1/1 Running 0 51m 10.244.0.2 host-79 <none> <none>
kube-system etcd-host-79 1/1 Running 0 33m 192.168.62.255 host-79 <none> <none>
kube-system kube-apiserver-host-79 1/1 Running 0 33m 192.168.62.255 host-79 <none> <none>
kube-system kube-controller-manager-host-79 1/1 Running 0 33m 192.168.62.255 host-79 <none> <none>
kube-system kube-flannel-ds-amd64-95bbm 1/1 Running 0 32m 192.168.63.2 host-632 <none> <none>
kube-system kube-flannel-ds-amd64-hnjw9 1/1 Running 0 42m 192.168.62.255 host-79 <none> <none>
kube-system kube-proxy-4wgh5 1/1 Running 0 32m 192.168.63.2 host-632 <none> <none>
kube-system kube-proxy-m694k 1/1 Running 0 51m 192.168.62.255 host-79 <none> <none>
kube-system kube-scheduler-host-79 1/1 Running 0 33m 192.168.62.255 host-79 <none> <none>
Master 也能运行 Pods
[root@liqiang.io]# kubectl taint node mymasternode node-role.kubernetes.io/master:NoSchedule-
删除一个节点
First drain the node
[root@liqiang.io]# kubectl drain <node-name>
You might have to ignore daemonsets and local-data in the machine
[root@liqiang.io]# kubectl drain <node-name> --ignore-daemonsets --delete-local-data
添加一个节点
方式一:
To do this in the latest version (tested on 1.10.0) you can issue following command on the masternode:
[root@liqiang.io]# kubeadm token create --print-join-command
It will then print out a new join command (like the one you got after kubeadmn init):
[root@liqiang.io]# kubeadm join 192.168.1.101:6443 --token tokentoken.lalalalaqyd3kavez --discovery-token-ca-cert-hash sha256:complexshaoverhere
方式二
You need to run kubelet and kube-proxy on a new minion indicating api address in params.
[root@liqiang.io]# kubelet --kubeconfig=/root/.kube/config
[root@liqiang.io]# kube-proxy --master=http://<API_SERVER_IP>:8080 --v=2
After this you should see new node in
[root@liqiang.io]# kubectl get no
Unable to connect to the server: x509: certificate is valid for
如果你的 K8S 集群创建的证书没有包含你访问的 IP 或者地址的时候就会报这个错,解决思路有两种,一种就是你根据你签名的接入点进行访问,这个是没有问题的;当然,更多的时候你是拒绝这么做的,所以,你可以通过指定 “允许不安全连接” 的方式进行,但是,你必须知道你在干什么,以及面临着什么风险,操作方式就是在
kubectl
命令中加个参数--insecure-skip-tls-verify
:[root@liqiang.io]# kubectl --insecure-skip-tls-verify get pods
kubectl exec command not found
通过 kubectl exec 执行远程命令的时候,我发生了这样的错误:
[root@liqiang.io]# kubectl exec downward-meta-volume "ls -al /etc/downward"
OCI runtime exec failed: exec failed: container_linux.go starting container process caused "exec: \"ls -al /etc/downward\": stat ls -al /etc/downward: no such file or directory": unknown
command terminated with exit code 126
看上去像是语法错误,于是就看了看 kubectl exec 的 help,发现应该这么写:
[root@liqiang.io]# kubectl exec downward-meta-volume -- ls -al /etc/downward
移除所有的资源(包含 Nodes,但是 nodes 会恢复回来)
[root@liqiang.io]# kubectl delete all --all