kubectl logs foobar | grep error > /logs
kubectl get pv --all-namespace --sort-by=.metadata.name > /opt/
3.确保在 kubectl 集群的每个节点上运行一个 Nginx Pod。其中 Nginx Pod 必须使用 Nginx 镜像。不要覆盖当前环境中的任何 traints。 使用 Daemonset 来完成这个任务,Daemonset 的名字使用 ds。
题目对应文档:https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
删除tolerations字段,复制到image: gcr.io/fluentd-elasticsearch/fluentd:v2.5.1这里即可,再按题意更改yaml文件。
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: ds
namespace: kube-system
labels:
k8s-app: fluentd-logging
spec:
selector:
matchLabels:
name: fluentd-elasticsearch
template:
metadata:
labels:
name: fluentd-elasticsearch
spec:
containers:
- name: fluentd-elasticsearch
image: nginx
4.添加一个 initcontainer 到 lum(/etc/data)这个 initcontainer 应该创建一个名为/workdir/calm.txt 的空文件,如果/workdir/calm.txt 没有被检测到,这个 Pod 应该退出
-
-
题目中yaml文件已经给出,只需要增加initcontainers部分,以及emptyDir: {} 即可 init文档位置:https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ apiVersion: v1 kind: Pod metadata: name: nginx labels: env: test spec: volumes: - name: workdir emptyDir: {} containers: - name: nginx image: nginx command: [if ..] volumeMounts: - name: work mountPath: /workdir initContainers: - name: init-myservice image: busybox:1.28 command: - touch - /workdir/calm.txt volumeMounts: - name: work mountPath: /workdir
-
https://v1-14.docs.kubernetes.io/docs/concepts/workloads/pods/pod-overview/
apiVersion: v1
kind: Pod
metadata:
name: kucc
spec:
containers:
- name: nginx
image: nginx
- name: redis
image: redis
- name: memcached
image: memcached
- name: consul
image: consul
https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
apiVersion: v1
kind: Pod
metadata:
name: nginx
labels:
env: test
spec:
containers:
- name: nginx
image: nginx
imagePullPolicy: IfNotPresent
nodeSelector:
disk: ssd
7.创建 deployment 名字为 nginx-app 容器采用 1.11.9 版本的 nginx 这个 deployment 包含 3 个副本,接下来通过滚动升级的方式更新镜像版本为 1.12.0,并记录这个更新,最后,回滚这个更新到之前的 1.11.9 版本
kubectl run deployment nginx-app --image=nginx:1.11.9 --replicas=3
kubectl set image deployment nginx-app nginx-app=nginx:1.12.0 --record (nginx-app container名字)
kubectl rollout history deployment nginx-app
kubectl rollout undo deployment nginx-app
kubectl expose pod fron-end --name=front-end-service --port=80 --type=NodePort
kubectl create ns website-frontend
apiVersion: v1
kind: Pod
metadata:
name: Jenkins
namespace: website-frontend
spec:
containers:
- name: Jenkins
image: Jenkins
kubectl apply -f ./xxx.yaml
10.创建 deployment 的 spec 文件: 使用 redis 镜像,7 个副本,label 为 app_enb_stage=dev deployment 名字为 kual00201 保存这个 spec 文件到/opt/KUAL00201/deploy_spec.yaml完成后,清理(删除)在此任务期间生成的任何新的 k8s API 对象
kubectl run kual00201 --image=redis --labels=app_enb_stage=dev --dry-run -oyaml > /opt/KUAL00201/deploy_spec.yaml
kubectl get svc -n production --show-labels | grep foo
kubectl get pods -l app=foo(label标签) -o=custom-columns=NAME:.spec.name > kucc.txt
12.创建一个secret,名字为super-secret包含用户名bob,创建pod1挂载该secret,路径为/secret,创建pod2,使用环境变量引用该secret,该变量的环境变量名为ABC
https://kubernetes.io/zh/docs/concepts/configuration/secret/#%E8%AF%A6%E7%BB%86
echo -n "bob" | base64
apiVersion: v1
kind: Secret
metadata:
name: super-secret
type: Opaque
data:
username: Ym9i
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: mypod
image: redis
volumeMounts:
- name: foo
mountPath: "/secret"
readOnly: true
volumes: secret
- name: foo
secret:
secretName: super-secret
apiVersion: v1
kind: Pod
metadata:
name: pod-evn-eee
spec:
containers:
- name: mycontainer
image: redis
env:
- name: ABC
valueFrom:
secretKeyRef:
name: super-secret
key: username
restartPolicy: Never
https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolume
kubectl create ns new
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv0003
spec:
capacity:
storage: 5Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Recycle
storageClassName: slow
hostPath:
path: "/etc/data"
kubectlc apply -f ./xxx.yaml --namespace=new
kubectl scale deployment website --replicas=6
1.kubectl get nodes
2.把所有ready得都执行kubectl describe node $nodename | grep Taint 如果有NoSchedule
kubectc top pod -l xxx --namespace=xxx
17.创建一个 deployment 名字为:nginx-dns 路由服务名为:nginx-dns 确保服务和 pod 可以通过各自的 DNS 记录访问 容器使用 nginx 镜像,使用 nslookup 工具来解析 service 和 pod 的记录并写入相应的/opt/service.dns 和/opt/pod.dns 文件中,确保你使用 busybox:1.28 的镜像用来测试。
-
busybox这里找:https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ 1.kubectl run nginx-dns --image=nginx kubectl expose deployment nginx-dns --name=nginx-dns --port=80 --type=NodePort kubectl get pod -owide xxx (查看pod IP) 2.建立busybox apiVersion: v1 kind: Pod metadata: name: busybox1 labels: name: busybox spec: hostname: busybox-1 subdomain: default-subdomain containers: - image: busybox:1.28 command: sleep "3600" name: busybo 3.解析 kubectl exec -it busybox -- nslookup nginx-dns kubectl exec -it busybox -- nslookup 10.244.0.122(pod IP)
ETCDCTL_API=3 etcdctl --endpoints=https://127.0.0.1:1111 --ca-file=/pki/ca.crt --cert-file=/pki/cert.crt --key-file=/pki/key.crt snapshot save 给的路径
有些题目下--ca-file会报错,记得看endpoints -h 里的字段怎么要求的
先切换集群到ek8s
再执行
kubectl drain node1 --ignore-daemonsets --delete-local-data
进入集群
ssh node
systemctl status kubelet
systemctl start kubelet
systemctl enable kubelet
该文件应该放置在/etc/kubernetes/manifest目录下(给出了pod路径)
创建 1.vi /etc/kubernetes/manifest/static-pod.yaml
2.systemctl status kubelet 查找kubelet.service路径 考试目录是: /etc/systemd/system/kubernetes.service
3.vi /etc/systemd/system/kubernetes.service 观察有没有 --pod-manifest-path=/etc/kubernetes/manifest 这句话 没有就加上得
4.sudo -i ssh node sudo -i
5.systemctl daemon-reload systemctl restart kubelet.service
6.systemctl enable kubelet
7.检查 kubectl get pods -n kube-system | grep static-pod 实际是static-pod+系统 static-pod-kubelet-service
kubectl 命令能用 kubectl get cs 健康检查 看manager-controller 是否ready 如果不ready systemctl start kube-manager-controller.service
23.TLS问题 (一道很长的题目,建议放弃,难度特别大)
https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolume