1.背景介绍
在维护多个k8s 集群中我们经常会遇到 类似情况
- 查询k8s service 关联了哪些 deployments ?
- 查询k8s ingress 关联了哪些 servcie ?
- 查询service 和 deployments 哪些在运行着?
话不多说直接上命令 GoGoGo
2.操作命令
1.查询 dev 环境所有svc 关联哪些deployments 对象名称(支持使用多个selector)
kubectl get svc -n dev -o custom-columns="NAME:.metadata.name, Deployments:.spec.selector" | grep -v "NAME"
admin-api-svc map[app:admin-api]
advert-api-svc map[app:advert-api]
advert-srv-svc map[app:advert-srv]
ammut-api-svc map[app:ammut-api]
ammut-assistantgroup-svc map[app:ammut-assistantgroup]
2.查询 dev 环境所有 deployments 关联的标签 selector
kubectl get deployments.apps -n dev -o custom-columns="NAME:.metadata.name, Deployments:.spec.selector" | grep -v "NAME"
bid-srv map[matchLabels:map[app:bid-srv]]
canary-user-api map[matchLabels:map[app:user-api]]
common-api map[matchLabels:map[app:common-api]]
dc-api map[matchLabels:map[app:dc-api]]
dc-srv map[matchLabels:map[app:dc-srv]]
friend-srv map[matchLabels:map[app:friend-srv]]
ingress-nginx-controller map[matchLabels:map[app.kubernetes.io/component:controller app.kubernetes.io/instance:ingress-nginx app.kubernetes.io/name:ingress-nginx]]
3.查询dev 环境所有ingress 关联哪些service
#查询单个ingress 单个backend service
kubectl get ingress -n dev -o custom-columns="NAME:.metadata.name, SERVICE:.spec.rules[0].http.paths[0].backend.serviceName" | grep -v "NAME"
#查询多个ingress 多个backend service 域名方式
kubectl get ingress -n dev -o=jsonpath='{range .items[*]}{.metadata.name}{"\n"}{range .spec.rules[*].http.paths[*]}{.backend.serviceName}{"\n"}{end}{end}'
4.查询ep pod 正常运行pod地址
#这种方式比较low 太麻烦 可观察性不太好
kubectl get ep -n dev -o custom-columns="NAME:.metadata.name, Endpoints:.subsets" | grep -v -E "NAME|\<none\>"
kubectl get ep -n dev-02 -o custom-columns="NAME:.metadata.name, Endpoints:.subsets" | grep -v "NAME"
#还是推荐常用的写法
kubectl get ep -n dev-02 |egrep -v "\<none\>"|grep -v "NAME"
5.查询指定ns deployments 所有服务的limit和request
kubectl get deploy -n default -o=jsonpath='{range .items[*]}{"\n"}{.metadata.name}{"\n"}{range .spec.template.spec.containers[*]}{.name}: Requests={.resources.requests}, Limits={.resources.limits}{"\n"}{end}{end}' | awk 'NF'
6.查询node节点配置(CPU/MEM)
kubectl get nodes -o custom-columns=NODE:.metadata.name,CPU:.status.capacity.cpu,MEM:.status.capacity.memory
7.查询node 节点上都有哪些污点(TAINTS)
kubectl get nodes -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints
8.查询 ServiceAccount 和rolebindings和clusterrolebindings绑定关系
kubectl get rolebindings,clusterrolebindings --all-namespaces -o custom-columns="NAMESPACE:.metadata.namespace,NAME:.metadata.name,ROLE:.roleRef.name,SERVICE_ACCOUNT:.subjects[0].name" | grep <service-account-name> #sa
9.查询default 下 deployments 所有 镜像列表
kubectl get deployments -o=jsonpath='{range .items[*]}{"\n"}{.metadata.name}{"\t"}{range .spec.template.spec.containers[*]}{.image}{", "}{end}{end}' | tail -n +2
10.查询 deployments 所有replicas
kubectl get deployments -o=jsonpath='{range .items[*]}{"\n"}{.metadata.name}{"\t"}{.spec.replicas}{"\n"}{end}' | tail -n +2
11.查询 deployments 所有 nodeSelector.node_type=="gpu" 服务有哪些
kubectl get deployments.apps -A -o=jsonpath='{range .items[?(@.spec.template.spec.nodeSelector.node_type=="gpu")]}{.metadata.namespace}/{.metadata.name}{"\n"}{end}'
12.查询 每一个node 上运行pod 分布情况(运行了几个pod)
kubectl get pods -n default -o custom-columns="NODE:.spec.nodeName,POD:.metadata.name" --no-headers | awk '{print $1}' | sort | uniq -c |grep gpu
13.通过+token 访问节点获取资源
curl -k --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt --header "Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" https://kubernetes.default.svc:443/api/v1/nodes/k8s-node1/proxy/metrics/cadvisor
