当Kubernetes集群构建完成时,我们需要先查看集群内的一些信息来了解Kubernetes集群。这些信息包括集群节点,Kubernetes版本,Kubernetes API对象(Kubernetes中的资源类型)及其版本,Kubernetes上下文和配置等信息。
Kubernetes集群搭建的教程传送门:
kubectl get nodes:显示节点名,状态,角色,存活时间和版本。
root@k8s-01:~# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-01 Ready control-plane,master 160m v1.22.1
k8s-02 Ready <none> 150m v1.22.1
k8s-03 Ready <none> 152m v1.22.1
字段解释:
字段 | NAME | STATUS | ROLES | AGE | ERSION |
---|---|---|---|---|---|
中文 | 节点名 | 状态 | 角色 | 存活时间 | 版本 |
说明 | k8s节点名 | 节点状态:Ready或NotReady | 节点在集群中扮演的角色 | 从节点创建后至现在的时间统计 | Kubernetes版本(即kubelet版本) |
示例:
k8s-01节点的状态是Ready,表明节点kubelet服务正常运行,角色是控制面,master,已经创建了160分钟,kubelet版本是1.22.1。
kubectl cluster-info:显示主控节点和服务的地址。
root@k8s-01:~# kubectl cluster-info
Kubernetes control plane is running at https://10.117.136.98:6443
CoreDNS is running at https://10.117.136.98:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
输出格式为字典,同时输出server版本和client版本。
root@k8s-01:~# kubectl version
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.1", GitCommit:"632ed300f2c34f6d6d15ca4cef3d3c7073412212", GitTreeState:"clean", BuildDate:"2021-08-19T15:45:37Z", GoVersion:"go1.16.7", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.1", GitCommit:"632ed300f2c34f6d6d15ca4cef3d3c7073412212", GitTreeState:"clean", BuildDate:"2021-08-19T15:39:34Z", GoVersion:"go1.16.7", Compiler:"gc", Platform:"linux/amd64"}
kubectl version=kubectl version --client=false --short=false
root@k8s-01:~# kubectl version --short=true
Client Version: v1.22.1
Server Version: v1.22.1
root@k8s-01:~# kubectl version --client=true
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.1", GitCommit:"632ed300f2c34f6d6d15ca4cef3d3c7073412212", GitTreeState:"clean", BuildDate:"2021-08-19T15:45:37Z", GoVersion:"go1.16.7", Compiler:"gc", Platform:"linux/amd64"}
kubectl api-resources:列出所支持的全部资源类型及其简称、API 组, 是否是命名空间作用域和 Kind。
root@k8s-01:~# kubectl api-resources
字段解释:
字段 | NAME | SHORTNAMES | APIVERSION | NAMESPACED | KIND |
---|---|---|---|---|---|
中文 | 资源名 | 缩写名 | API 版本 | 按命名空间 | 资源类型 |
说明 | 资源名称 | 资源的缩写 | 每个资源都有自己的API组 | 是否是命名空间作用域 true表示该资源的作用域是命名空间 false表示该资源为全局资源。 |
KIND字段的值 |
示例:
nodes资源的缩写是no,API组是v1,它是全局对象。所以我们在查询节点信息时,可以使用下面三种命令查询:
kubectl get nodes
kubectl get no
kubectl get node
下表列出所有受支持的资源类型及其缩写别名。
(以下输出可以通过kubectl api-resources获取,内容以 Kubernetes 1.25.0 版本为准。)
资源名 | 缩写名 | API 版本 | 按命名空间 | 资源类型 |
---|---|---|---|---|
bindings | v1 | true | Binding | |
componentstatuses | cs | v1 | false | ComponentStatus |
configmaps | cm | v1 | true | ConfigMap |
endpoints | ep | v1 | true | Endpoints |
events | ev | v1 | true | Event |
limitranges | limits | v1 | true | LimitRange |
namespaces | ns | v1 | false | Namespace |
nodes | no | v1 | false | Node |
persistentvolumeclaims | pvc | v1 | true | PersistentVolumeClaim |
persistentvolumes | pv | v1 | false | PersistentVolume |
pods | po | v1 | true | Pod |
podtemplates | v1 | true | PodTemplate | |
replicationcontrollers | rc | v1 | true | ReplicationController |
resourcequotas | quota | v1 | true | ResourceQuota |
secrets | v1 | true | Secret | |
serviceaccounts | sa | v1 | true | ServiceAccount |
services | svc | v1 | true | Service |
mutatingwebhookconfigurations | admissionregistration.k8s.io/v1 | false | MutatingWebhookConfiguration | |
validatingwebhookconfigurations | admissionregistration.k8s.io/v1 | false | ValidatingWebhookConfiguration | |
customresourcedefinitions | crd,crds | apiextensions.k8s.io/v1 | false | CustomResourceDefinition |
apiservices | apiregistration.k8s.io/v1 | false | APIService | |
controllerrevisions | apps/v1 | true | ControllerRevision | |
daemonsets | ds | apps/v1 | true | DaemonSet |
deployments | deploy | apps/v1 | true | Deployment |
replicasets | rs | apps/v1 | true | ReplicaSet |
statefulsets | sts | apps/v1 | true | StatefulSet |
tokenreviews | authentication.k8s.io/v1 | false | TokenReview | |
localsubjectaccessreviews | authorization.k8s.io/v1 | true | LocalSubjectAccessReview | |
selfsubjectaccessreviews | authorization.k8s.io/v1 | false | SelfSubjectAccessReview | |
selfsubjectrulesreviews | authorization.k8s.io/v1 | false | SelfSubjectRulesReview | |
subjectaccessreviews | authorization.k8s.io/v1 | false | SubjectAccessReview | |
horizontalpodautoscalers | hpa | autoscaling/v2 | true | HorizontalPodAutoscaler |
cronjobs | cj | batch/v1 | true | CronJob |
jobs | batch/v1 | true | Job | |
certificatesigningrequests | csr | certificates.k8s.io/v1 | false | CertificateSigningRequest |
leases | coordination.k8s.io/v1 | true | Lease | |
endpointslices | discovery.k8s.io/v1 | true | EndpointSlice | |
events | ev | events.k8s.io/v1 | true | Event |
flowschemas | flowcontrol.apiserver.k8s.io/v1beta2 | false | FlowSchema | |
prioritylevelconfigurations | flowcontrol.apiserver.k8s.io/v1beta2 | false | PriorityLevelConfiguration | |
ingressclasses | networking.k8s.io/v1 | false | IngressClass | |
ingresses | ing | networking.k8s.io/v1 | true | Ingress |
networkpolicies | netpol | networking.k8s.io/v1 | true | NetworkPolicy |
runtimeclasses | node.k8s.io/v1 | false | RuntimeClass | |
poddisruptionbudgets | pdb | policy/v1 | true | PodDisruptionBudget |
podsecuritypolicies | psp | policy/v1beta1 | false | PodSecurityPolicy |
clusterrolebindings | rbac.authorization.k8s.io/v1 | false | ClusterRoleBinding | |
clusterroles | rbac.authorization.k8s.io/v1 | false | ClusterRole | |
rolebindings | rbac.authorization.k8s.io/v1 | true | RoleBinding | |
roles | rbac.authorization.k8s.io/v1 | true | Role | |
priorityclasses | pc | scheduling.k8s.io/v1 | false | PriorityClass |
csidrivers | storage.k8s.io/v1 | false | CSIDriver | |
csinodes | storage.k8s.io/v1 | false | CSINode | |
csistoragecapacities | storage.k8s.io/v1 | true | CSIStorageCapacity | |
storageclasses | sc | storage.k8s.io/v1 | false | StorageClass |
volumeattachments | storage.k8s.io/v1 | false | VolumeAttachment |
该命令可以应用于使用编程方式访问 Kubernetes API 时。
root@k8s-01:~# kubectl api-versions
admissionregistration.k8s.io/v1
apiextensions.k8s.io/v1
apiregistration.k8s.io/v1
apps/v1
authentication.k8s.io/v1
authorization.k8s.io/v1
autoscaling/v1
autoscaling/v2beta1
autoscaling/v2beta2
batch/v1
batch/v1beta1
certificates.k8s.io/v1
coordination.k8s.io/v1
crd.projectcalico.org/v1
discovery.k8s.io/v1
discovery.k8s.io/v1beta1
events.k8s.io/v1
events.k8s.io/v1beta1
flowcontrol.apiserver.k8s.io/v1beta1
networking.k8s.io/v1
node.k8s.io/v1
node.k8s.io/v1beta1
policy/v1
policy/v1beta1
rbac.authorization.k8s.io/v1
scheduling.k8s.io/v1
storage.k8s.io/v1
storage.k8s.io/v1beta1
v1
查看kubeconfig文件,可以用来做认证文件。
root@k8s-01:~# kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://10.117.136.98:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: REDACTED
client-key-data: REDACTED
如果用的是kubeadm创建的集群,可以使用下面命令查看集群配置
kubectl get cm -o yaml -n kube-system kubeadm-config
该命令等效于kubeadm config view(已经被弃用)
root@k8s-01:~# kubectl get cm -o yaml -n kube-system kubeadm-config
apiVersion: v1
data:
ClusterConfiguration: |
apiServer:
extraArgs:
authorization-mode: Node,RBAC
timeoutForControlPlane: 4m0s
apiVersion: kubeadm.k8s.io/v1beta3
certificatesDir: /etc/kubernetes/pki
clusterName: kubernetes
controllerManager: {}
dns: {}
etcd:
local:
dataDir: /var/lib/etcd
imageRepository: registry.aliyuncs.com/google_containers
kind: ClusterConfiguration
kubernetesVersion: v1.22.1
networking:
dnsDomain: cluster.local
podSubnet: 10.244.0.0/16
serviceSubnet: 10.96.0.0/12
scheduler: {}
kind: ConfigMap
metadata:
creationTimestamp: "2022-09-01T13:04:28Z"
name: kubeadm-config
namespace: kube-system
resourceVersion: "211"
uid: c519ae1b-a820-4d30-9803-c46bc84b2e0f
root@k8s-01:~#
其中,data字段的值是集群配置。从结果中可以查看