K8s and Kubectl Notes
memo of K8 and Kubectl stuffs
Pod
kubectl get pods
kubectl get pods --show-labels
kubectl run nginx --image=nginx
k run nginx --image=nginx --labels app=nginx
kubectl describe pod nginx
kubectl delete pod nginx
kubectl delete pod -lapp=nginx
k delete pod nginx --force --grace-period=0
k delete pod nginx --now #similar to --grace-period=1
kubectl run nginx --image=nginx --dry-run=client -o yaml > nginx-pod.yaml
kubectl edit pod nginx
kubectl get pods -o json
k run static-busybox --image=busybox -- sh -c "sleep 1000"
k run busybox --image=busybox --restart=Never -- sh -c "echo sleeping.... && sleep 5"
kubectl run busybox-pod --image=busybox --restart=Never --command -- /bin/sh -c "echo 'sleeping...'; sleep 5"
kubectl replace nginx --force -f nginx.yaml
You cannot edit pod spec other than
- spec.containers[*].image
- spec.initContainers[*].image
- spec.activeDeadlineSeconds
- spec.tolerations
Replicaset
k get rs nginx
kubectl describe rs nginx
k explain rs nginx
k edit rs nginx
k scale rs nginx --replicas 2
k scale --replicas 2 -f manifest.yaml
k delete rs nginx
k delete rs nginx --force --grace-period=0
Deployments
k get deploy
k create deploy nginx --image=nginx --replicas=3
# With Deployments you can easily edit any field/property of the POD template. Since the pod template is a child of the deployment specification, since it deletes the pod and recreats it
Namespace
k get ns
k create ns myns
k get pods -n myns
k run nginx --image=nginx -n myns
k get pods -A
k get pods --all-namespaces
Domain Names
<service-name>.<namespace>.svc.<cluster-endpoint>
Service
k get svc
k get svc --show-labels
k describe svc
k get ep
k run nginx --image=nginx --expose --port 8080
k expose pod nginx-pod --name nginx-service --port 80
k expose deployment webapp --type NodePort --port 30082 --target-port 8080
#port range => (30000 - 32767)
kube-proxy --proxy-mode iptables/ipvs/userspace #default is iptables
kube-api-server --service-cluster-ip-range ## is the option to specify the ip range of the service
iptables -L -t nat | grep <service-name> to list the iptables rules
tail -f /var/log/kube-proxy.log
DNS
before k8s 1.12 DNS was called kube-dns and now the recommended is core-dns
configuration file for core-dns can be found in /etc/coredns/corefile
Service FQDN: <service-name>.<namespace>.svc.<cluster-endpoint>
- eg: web-service.default.svc.cluster.local
By default pod DNS is disabled.
FQDN: <pod-ip>.<namespace>.pod.<cluster-endpoint>
- eg: 10-122-5-1.default.pod.cluster.local
core-dns is accessible using the service with name kube-dns
pod's DNS configurations are automatically set by the Kubernetes using kubelet process. kubelet gets the cluster domain and the DNS IP using its config.
Sample Core File
Corefile: |
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
forward . /etc/resolv.conf {
max_concurrent 1000
}
cache 30
loop
reload
loadbalance
}
## core file
kubectl get cm coredns -n kube-system -o yaml | less
##
Nodes
k get nodes
k get nodes -o jsonpath='{.items[*].status.nodeInfo.osImage}'
k taint node node01 color=blue:NoExecute
k taint node node01 color=blue:NoSchedule
k taint node node01 color=blue:PreferNoSchedule
k taint node controlplane node-role.kubernetes.io/control-plane:NoSchedule-
k label node node01 color=blue
kubectl label node node01 color-
Ip Commands
#see the list of interfaces
ip link
#see ip address
ip addr
ip addr show
## add ip address
ip addr add 192.168.1.5/24 dev eth0
# list the routes
ip route
#ip route add <network-addr> via <gateway-ip>
ip route add 192.168.1.0/24 via 192.168.2.1
#if gateway is directly linked with interface then you can
ip route add 192.168.1.0/24 dev eth0
#verify if the forward is enabled or not. if 0 disabled/if 1 enabled
cat /proc/sys/net/ipv4/ip_forward
#Modify /etc/systcl.conf to forward the request from one interface to others
## modify /etc/nsswitch.conf to update the priority of the dns server
cat /etc/nsswitch.conf
#you can add extra nameservers in resolv.conf by adding
nameserver 8.8.8.8
#you can append domain alias as well by using
search mycompany.com, prod.mycompany.com