(Kubernetes) kubectl 커맨드 모음 -2

Taint And Tolerance

■ 조회

kubectl get pods --selector [env=dev] : 'dev' labeled POD를 조회
kubectl get pods --selector [env=dev,bu=finance] : 'env=dev' and 'bu=finance' labeled POD를 조회

■ 생성

kubectl taint nodes [node1] [key=value1]:NoSchedule : node1 노드에 테인트을 배치한다. 이는 일치하는 톨러레이션이 없으면 파드를 node1 에 스케줄할 수 없음을 의미한다.
■ 삭제
kubectl taint nodes [node1] [key1=value1]:NoSchedule-
kubectl taint nodes controlplane node-role.kubernetes.io/master:NoSchedule-

 

DaemonSet

kubectl get daemonsets --all-namespaces
kubectl describe daemonsets [kube-flannel-ds-amd64] --namespace=[kube-system]

 

Static-Pod

■ 생성

kubectl run --restart=Never --image=[busybox] [static-busybox] --dry-run=client -o yaml --command -- [sleep 1000] > [/etc/kubernetes/manifests/static-busybox.yaml]

 

Logging

kubectl get events
kubectl logs my-custom-scheduler --namespace=kube-system

 

Monitoring(Metrics API 설치 후)

kubectl top nods

kubectl top pods

 

Rollout

■ 업데이트
kubectl set image deployment/[myapp-deployment \nginx=nginx:1.9.1]
kubectl apply -f [deployment-definition.yaml]
kubectl edit deployment [frontend] : 삭제하거나 재생성없이 Stratgy 및 image 업데이트하기

■ 롤백
kubectl rollout undo deployment/myapp-deployment

■ 조회
kubectl rollout status deployment/myapp-deployment
kubectl rollout history deploymnet/myapp-deployment

 

ConfigMap

kubectl create configmap [app-config] --from-literal=[APP_COLOR]=[blue] --from-literal=[APP_MOD]=[prod]

//파일에서 데이터 불러오기
kubectl create configmap [app-config] --from-file=[app_config.properties]

 

Secret

kubectl create secret generic [db-secret] --from-literal=[DB_Host]=[sql01] --from-literal=[DB_User]=[root] --from-literal=[DB_Password]=[password123]

kubectl create secret generic [secret-name] --from-literal=[key]=[value]

 

CSR

■ 조회

kubectl get csr [akshay]
kubectl describe csr [akshay]

■ 삭제
kubectl delete csr [akshay]

■ 허가/거부
kubectl certificate approve [akshay]
kubectl certificate deny [agent-smith]

 

KubeConfig

■ 조회

kubectl get pods --kubeconfig [config-demo] : 특정 kubeconfig를 환경세팅하여 명령어 호출

kubectl config view --kubeconfig=[my-custom-config] : 현재 혹은 특정 kubeconfig를 보여줌

■ 수정
kubectl config --kubeconfig=[/root/my-kube-config] use-context [research] : 특정 context를 수정하기

kubectl config use-context prod-user@production : 디폴트 context를 수정하기

 

Role / RoleBinding

■ 권한확인

kubectl auth can-i create-deployments
kubectl auth can-i delete nodes

kubectl auth can-i create deployments --as [dev-user]

■ role 및 rolebinding 확인

kubectl get roles
kubectl describe role [kube-proxy] -n [kube-system]
kubectl describe rolebinding [kube-proxy-bind] -n [kube-system]
kubectl get pods --as [dev-user]

 

cluster role bindings

■ 조회
kubectl get clusterrole
kubectl describe clusterrole [storage-admin]
kubectl get clusterrolebinding
kubectl describe clusterrolebinding [storage-admin-binding]
■ 생성
kubectl create clusterrolebinding [michelle-storage-admin] --clusterrole=[storage-admin] --user=[michelle]

 

Image Registry Credential

■ 생성
kubectl create secret docker-registry [regcred] --docker-server=[private-registry.io] --docker-username=[registry-user] --docker-password=[registry-password] --docker-email=[regist-user@org.com]

kubectl create secret docker-registry private-reg-cred --docker-username=dock_user --docker-password=dock_password --docker-server=myprivateregistry.com:5000 --docker-email=dock_user@myprivateregistry.com

 

NetworkPolicy

■ 조회
kubectl get networkpolicy

kubectl describe networkpolicy

 

PersistentVolume&PersistentVolumeClaim

■ 조회

kubectl get pv
kubectl describe pv [mypv]

kubectl get pvc
kubectl describe pvc [claim-log-1]
■ 삭제

kubectl delete pv [mypv]

kubectl delete pvc [claim-log-1]

 

StorageClasses

■ 조회

kubectl get storageclasses
kubectl describe storageclasses [local-storage]

■ 삭제

kubectl delete storageclasses [local-storage]

 

Network

kubectl port-forward [redis-master] [7000:6379]

 

Ingress

■ 조회

kubectl describe ingress [ingress-wear-watch]
kubectl get ingress

■ 수정

kubectl edit ingress --namespace [app-space]