kubenetes基本操作

本文主要是介绍kubenetes基本操作，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

在用户认证等做完后无法运行

kubectl exec -it mysql-st2ch -- /bin/bash

报错如下：

error: unable to upgrade connection: Forbidden (user=system:anonymous, verb=create, resource=nodes, subresource=proxy)

解决办法：

[Tilyp@master yaml]$ kubectl create clusterrolebinding system:anonymous   --clusterrole=cluster-admin   --user=system:anonymous
clusterrolebinding.rbac.authorization.k8s.io/system:anonymous created
[Tilyp@master yaml]$

查看pod详情：

[Tilyp@master kubernetes]$ kubectl describe pod mysql-st2ch
Name:               mysql-st2ch
Namespace:          default
Priority:           0
PriorityClassName:  <none>
Node:               192.168.4.10/192.168.4.10
Start Time:         Wed, 10 Apr 2019 14:28:39 +0800
Labels:             app=mysql
Annotations:        <none>
Status:             Running
IP:                 10.254.29.2
Controlled By:      ReplicationController/mysql
Containers:mysql:Container ID:   docker://047d9fe9c9045a550be80f5e9ba9ef9c40fb0b28c8ef455d74b3104e81345e59Image:          mysqlImage ID:       docker-pullable://mysql@sha256:a7cf659a764732a27963429a87eccc8457e6d4af0ee9d5140a3b56e74986eed7Port:           3306/TCPHost Port:      0/TCPState:          RunningStarted:      Wed, 10 Apr 2019 14:30:04 +0800Ready:          TrueRestart Count:  0Environment:MYSQL_ROOT_PASSWORD:  123456Mounts:/var/run/secrets/kubernetes.io/serviceaccount from default-token-s95s4 (ro)
Conditions:Type              StatusInitialized       True Ready             True ContainersReady   True PodScheduled      True 
Volumes:default-token-s95s4:Type:        Secret (a volume populated by a Secret)SecretName:  default-token-s95s4Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300snode.kubernetes.io/unreachable:NoExecute for 300s
Events:Type    Reason     Age   From                   Message----    ------     ----  ----                   -------Normal  Scheduled  47m   default-scheduler      Successfully assigned default/mysql-st2ch to 192.168.4.10Normal  Pulling    47m   kubelet, 192.168.4.10  pulling image "mysql"Normal  Pulled     46m   kubelet, 192.168.4.10  Successfully pulled image "mysql"Normal  Created    46m   kubelet, 192.168.4.10  Created containerNormal  Started    46m   kubelet, 192.168.4.10  Started container

查看service

[Tilyp@master kubernetes]$ kubectl get services
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
kubernetes   ClusterIP   10.254.0.1      <none>        443/TCP          5d22h
mysql1       NodePort    10.254.32.117   <none>        3307:32309/TCP   20m

利用kubectl在容器中执行命令

kubectl exec -it podname  -c  containerName -n namespace -- shell comand

查看所有命名空间

[Tilyp@master AIKubeflow]$ kubectl get namespaces
NAME          STATUS   AGE
default       Active   5d23h
kube-public   Active   5d23h
kube-system   Active   5d23h
kubeflow      Active   10m
[Tilyp@master  AIKubeflow]$

设置master可调度

kubectl taint node k8s-master2 node-role.kubernetes.io/master-

给节点设置角色

kubectl label node k8s-node3 node-role.kubernetes.io/node=node

批量删除Evicted 状态的pod

kubectl get pods | grep Evicted | awk '{print $1}' | xargs kubectl delete pod

在执行命令时遇到以下错误

error: error upgrading connection: unable to upgrade connection: Forbidden (user=system:anonymous, verb=create, resource=nodes, subresource=proxy)

临时解决办法

kubectl create clusterrolebinding system:anonymous --clusterrole=cluster-admin --user=system:anonymous

永久解决方案：1，https://stackoverflow.com/questions/44312745/kubernetes-rbac-unable-to-upgrade-connection-forbidden-user-systemanonymous

2，https://www.v2ex.com/t/533770

问题以解决，如有问题请加技术交流群：526855734

最近在做少儿编程培训机构，欢迎大家关注

 

这篇关于kubenetes基本操作的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！

---