1. 查看所有 namespace 下的 pods

    [root@liqiang.io]# kubectl get pods --all-namespaces -o wide
    NAMESPACE       NAME                                    READY   STATUS    RESTARTS   AGE   IP               NODE       NOMINATED NODE   READINESS GATES
    cattle-system   cattle-cluster-agent-6cd74cc467-jc2kg   1/1     Running   0          14m   10.244.1.4       host-632   <none>           <none>
    cattle-system   cattle-node-agent-x8pb6                 1/1     Running   0          22m   192.168.63.2     host-632   <none>           <none>
    kube-system     coredns-5c98db65d4-45dwm                1/1     Running   0          51m   10.244.0.3       host-79    <none>           <none>
    kube-system     coredns-5c98db65d4-qqd9s                1/1     Running   0          51m   10.244.0.2       host-79    <none>           <none>
    kube-system     etcd-host-79                            1/1     Running   0          33m   192.168.62.255   host-79    <none>           <none>
    kube-system     kube-apiserver-host-79                  1/1     Running   0          33m   192.168.62.255   host-79    <none>           <none>
    kube-system     kube-controller-manager-host-79         1/1     Running   0          33m   192.168.62.255   host-79    <none>           <none>
    kube-system     kube-flannel-ds-amd64-95bbm             1/1     Running   0          32m   192.168.63.2     host-632   <none>           <none>
    kube-system     kube-flannel-ds-amd64-hnjw9             1/1     Running   0          42m   192.168.62.255   host-79    <none>           <none>
    kube-system     kube-proxy-4wgh5                        1/1     Running   0          32m   192.168.63.2     host-632   <none>           <none>
    kube-system     kube-proxy-m694k                        1/1     Running   0          51m   192.168.62.255   host-79    <none>           <none>
    kube-system     kube-scheduler-host-79                  1/1     Running   0          33m   192.168.62.255   host-79    <none>           <none>
    
  2. Master 也能运行 Pods

    [root@liqiang.io]# kubectl taint node mymasternode node-role.kubernetes.io/master:NoSchedule-
    
  3. 删除一个节点

    First drain the node

    [root@liqiang.io]# kubectl drain <node-name>
    

    You might have to ignore daemonsets and local-data in the machine

    [root@liqiang.io]# kubectl drain <node-name> --ignore-daemonsets --delete-local-data
    
  4. 添加一个节点

    1. 方式一:

      To do this in the latest version (tested on 1.10.0) you can issue following command on the masternode:

      [root@liqiang.io]# kubeadm token create --print-join-command
      

      It will then print out a new join command (like the one you got after kubeadmn init):

      [root@liqiang.io]# kubeadm join 192.168.1.101:6443 --token tokentoken.lalalalaqyd3kavez --discovery-token-ca-cert-hash sha256:complexshaoverhere
      
    2. 方式二

      You need to run kubelet and kube-proxy on a new minion indicating api address in params.

      [root@liqiang.io]# kubelet --kubeconfig=/root/.kube/config
      [root@liqiang.io]# kube-proxy --master=http://<API_SERVER_IP>:8080 --v=2
      

      After this you should see new node in

      [root@liqiang.io]# kubectl get no
      
    3. Adding node to existing cluster in Kubernetes

  5. Unable to connect to the server: x509: certificate is valid for

    如果你的 K8S 集群创建的证书没有包含你访问的 IP 或者地址的时候就会报这个错,解决思路有两种,一种就是你根据你签名的接入点进行访问,这个是没有问题的;当然,更多的时候你是拒绝这么做的,所以,你可以通过指定 “允许不安全连接” 的方式进行,但是,你必须知道你在干什么,以及面临着什么风险,操作方式就是在 kubectl 命令中加个参数 --insecure-skip-tls-verify:

    [root@liqiang.io]# kubectl --insecure-skip-tls-verify get pods
    
  6. kubectl exec command not found

    通过 kubectl exec 执行远程命令的时候,我发生了这样的错误:

     [root@liqiang.io]# kubectl exec downward-meta-volume "ls -al /etc/downward"
    OCI runtime exec failed: exec failed: container_linux.go:345: starting container process caused "exec: \"ls -al /etc/downward\": stat ls -al /etc/downward: no such file or directory": unknown
    command terminated with exit code 126
    

    看上去像是语法错误,于是就看了看 kubectl exec 的 help,发现应该这么写:

    [root@liqiang.io]# kubectl exec downward-meta-volume -- ls -al /etc/downward