Kubernetes config view
Kubernetes basics
bala$ kubectl get pods
NAME READY STATUS RESTARTS AGE
redis-5c995b7fbf-jxddf 1/1 Running 2 (18m ago) 11d
redis-5c995b7fbf-vp2cd 1/1 Running 2 (18m ago) 11d
redis-5c995b7fbf-z6pg7 1/1 Running 2 (18m ago) 11d
redis-master-5ccf554d96-ssrql 1/1 Running 4 (18m ago) 11d
redis-replica-858fc45586-97zbd 1/1 Running 2 (18m ago) 11d
redis-replica-858fc45586-zfl92 1/1 Running 2 (18m ago) 11d
Configuration
bala:~ bala$ kubectl config view
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: DATA+OMITTED
server: https://127.0.0.1:50022
name: kind-kind
contexts:
- context:
cluster: kind-kind
user: kind-kind
name: kind-kind
current-context: kind-kind
kind: Config
preferences: {}
users:
- name: kind-kind
user:
client-certificate-data: DATA+OMITTED
client-key-data: DATA+OMITTEDbala:~ bala$ kubectl describe pod redis-master-5ccf554d96-ssrql
Name: redis-master-5ccf554d96-ssrql
Namespace: default
Priority: 0
Service Account: default
Node: kind-control-plane/172.18.0.2
Start Time: Wed, 25 Dec 2024 10:17:59 +0530
Labels: app=redis
pod-template-hash=5ccf554d96
role=master
Annotations:
Status: Running
IP: 10.244.0.3
IPs:
IP: 10.244.0.3
Controlled By: ReplicaSet/redis-master-5ccf554d96
Containers:
redis:
Container ID: container1d://b98988221997753dfaaf48a8c81b7787dd04e6440708e9bd1e1269a39a32caca
Image: redis:6.2
Image ID: docker.io/library/redis@sha256:6e38ef745beecc3115c23af29361098e8d195f766794f4930d4778290de6539d
Port: 6379/TCP
Host Port: 0/TCP
Args:
--save
--appendonly
yes
State: Running
Started: Mon, 06 Jan 2025 08:51:22 +0530
Last State: Terminated
Reason: Unknown
Exit Code: 255
Started: Mon, 06 Jan 2025 08:50:20 +0530
Finished: Mon, 06 Jan 2025 08:51:16 +0530
Ready: True
Restart Count: 4
Environment:
Mounts:
/data from redis-data (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-c2xnx (ro)
Conditions:
Type Status
PodReadyToStartContainers True
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
redis-data:
Type: EmptyDir (a temporary directory that shares a pod's lifetime)
Medium:
SizeLimit:
kube-api-access-c2xnx:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal SandboxChanged 10m kubelet Pod sandbox changed, it will be killed and re-created.
Normal Pulled 10m kubelet Container image "redis:6.2" already present on machine
Normal Created 10m kubelet Created container1: redis
Normal Started 10m kubelet Started container1 redis
Normal SandboxChanged 9m44s kubelet Pod sandbox changed, it will be killed and re-created.
Normal Pulled 9m44s kubelet Container image "redis:6.2" already present on machine
Normal Created 9m44s kubelet Created container1: redis
Normal Started 9m44s kubelet Started container1 redis
Port forward in mac os locally
bala:~ bala$ kubectl port-forward svc/redis-master 6379:6379
Forwarding from 127.0.0.1:6379 -> 6379
Forwarding from [::1]:6379 -> 6379
Token for web UI
bala:~ bala$ kubectl -n kubernetes-dashboard create token dashboard-admin-sa
eyJhbGciOiJSUzI1NiIsImtpZCI6Ik9tamN3N2VjTWpQZE82VGRjZFdnZ19rNFV6MVpreTBJQXYxajM3RjVnSlUifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzM2MTQwNjg0LCJpYXQiOjE3MzYxMzcwODQsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwianRpIjoiZmVkMmI4YTctZDM0Ny00Y2Q4LWJhM2EtNTIzNDdlODk3YWUxIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tc2EiLCJ1aWQiOiI4NzMxYTNjZS1hYzQ5LTRkNzUtOTdmZi1mYTczMzQ5NGRhZDYifX0sIm5iZiI6MTczNjEzNzA4NCwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbi1zYSJ9.BJ7M9QXm4AImaLhr1pI3DRlQ5aov66SJ1qhvjqHX0uHOPwbDAwoLpqyVuRzJjYMasIdD1du8615WqLY3ykBwXGbitjPmgNhuLptzZmtptNWIp3J0qDdvXRG9ijEqwxNjk14TkKEHgtMIN-MDfugrzbZGKkZ5CcKjXl_IT2NZPTVwvg4ph_vtjQzZnSSUVPI7OnBs3QlRttzKVLFnBAXflu4z7yuwREhV2SaNEzlJ7CRMtKTEDqsWi97VDGDRfr_au21vUay1yuId2m6xMb-GUjCfo_BO4p5CPzx4CgX1OHgdZaOfCdU45ByR4uPTNxIkVfpqhY1irQe
kubectl proxy Starting to serve on 127.0.0.1:8001
bala:~ bala$ docker start 593fa24e813f
Result
593fa24e813f
kubectl help
bala$ kubectl --help kubectl controls the Kubernetes cluster manager. Find more information at: https://kubernetes.io/docs/reference/kubectl/ Basic Commands (Beginner): create Create a resource from a file or from stdin expose Take a replication controller, service, deployment or pod and expose it as a new Kubernetes service run Run a particular image on the cluster set Set specific features on objects Basic Commands (Intermediate): explain Get documentation for a resource get Display one or many resources edit Edit a resource on the server delete Delete resources by file names, stdin, resources and names, or by resources and label selector Deploy Commands: rollout Manage the rollout of a resource scale Set a new size for a deployment, replica set, or replication controller autoscale Auto-scale a deployment, replica set, stateful set, or replication controller Cluster Management Commands: certificate Modify certificate resources cluster-info Display cluster information top Display resource (CPU/memory) usage cordon Mark node as unschedulable uncordon Mark node as schedulable drain Drain node in preparation for maintenance taint Update the taints on one or more nodes Troubleshooting and Debugging Commands: describe Show details of a specific resource or group of resources logs Print the logs for a container1 in a pod attach Attach to a running container1 exec Execute a command in a container1 port-forward Forward one or more local ports to a pod proxy Run a proxy to the Kubernetes API server cp Copy files and directories to and from container1s auth Inspect authorization debug Create debugging sessions for troubleshooting workloads and nodes events List events Advanced Commands: diff Diff the live version against a would-be applied version apply Apply a configuration to a resource by file name or stdin patch Update fields of a resource replace Replace a resource by file name or stdin wait Experimental: Wait for a specific condition on one or many resources kustomize Build a kustomization target from a directory or URL Settings Commands: label Update the labels on a resource annotate Update the annotations on a resource completion Output shell completion code for the specified shell (bash, zsh, fish, or powershell) Subcommands provided by plugins: Other Commands: api-resources Print the supported API resources on the server api-versions Print the supported API versions on the server, in the form of "group/version" config Modify kubeconfig files plugin Provides utilities for interacting with plugins version Print the client and server version information Usage: kubectl [flags] [options] Use "kubectl--help" for more information about a given command. Use "kubectl options" for a list of global command-line options (applies to all commands).
Top pods container creation
bala:~ bala$ kubectl top pods
error: Metrics API not available
bala:~ bala$ kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.6.3/components.yaml
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
bala:~ bala$ kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-668d6bf9bc-ddhqn 1/1 Running 4 (105m ago) 13d
coredns-668d6bf9bc-j2mzv 1/1 Running 4 (105m ago) 13d
etcd-kind-control-plane 1/1 Running 4 (105m ago) 13d
kindnet-7z5h5 1/1 Running 4 (105m ago) 13d
kube-apiserver-kind-control-plane 1/1 Running 4 (105m ago) 13d
kube-controller-manager-kind-control-plane 1/1 Running 10 (105m ago) 13d
kube-proxy-cr9nc 1/1 Running 4 (105m ago) 13d
kube-scheduler-kind-control-plane 1/1 Running 13 (105m ago) 13d
metrics-server-77c7fdf875-qlj5r 0/1 ContainerCreating 0 8s
bala:~ bala$ kubectl get apiservices v1beta1.metrics.k8s.io NAME SERVICE AVAILABLE AGE v1beta1.metrics.k8s.io kube-system/metrics-server False (MissingEndpoints) 20s bala:~ bala$ kubectl get clusterrolebinding | grep metrics-server metrics-server:system:auth-delegator ClusterRole/system:auth-delegator 30s system:metrics-server ClusterRole/system:metrics-server 30s bala:~ bala$ kubectl logs -n kube-system metrics-server-77c7fdf875-qlj5r I0106 05:07:09.278151 1 serving.go:342] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key) I0106 05:07:09.790919 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController I0106 05:07:09.791025 1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController I0106 05:07:09.791087 1 configmap_cafile_content.go:201] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::client-ca-file" I0106 05:07:09.791113 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0106 05:07:09.791517 1 configmap_cafile_content.go:201] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" I0106 05:07:09.791564 1 secure_serving.go:267] Serving securely on [::]:4443 I0106 05:07:09.791577 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file I0106 05:07:09.791602 1 dynamic_serving_content.go:131] "Starting controller" name="serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key" I0106 05:07:09.791664 1 tlsconfig.go:240] "Starting DynamicServingCertificateController" W0106 05:07:09.792282 1 shared_informer.go:372] The sharedIndexInformer has started, run more than once is not allowed E0106 05:07:09.800674 1 scraper.go:140] "Failed to scrape node" err="Get \"https://172.18.0.2:10250/metrics/resource\": x509: cannot validate certificate for 172.18.0.2 because it doesn't contain any IP SANs" node="kind-control-plane" I0106 05:07:09.891581 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0106 05:07:09.891708 1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController I0106 05:07:09.892011 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file E0106 05:07:24.790513 1 scraper.go:140] "Failed to scrape node" err="Get \"https://172.18.0.2:10250/metrics/resource\": x509: cannot validate certificate for 172.18.0.2 because it doesn't contain any IP SANs" node="kind-control-plane" I0106 05:07:31.361305 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve" E0106 05:07:39.793768 1 scraper.go:140] "Failed to scrape node" err="Get \"https://172.18.0.2:10250/metrics/resource\": x509: cannot validate certificate for 172.18.0.2 because it doesn't contain any IP SANs" node="kind-control-plane" I0106 05:07:41.359802 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve" I0106 05:07:51.359499 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve" E0106 05:07:54.787010 1 scraper.go:140] "Failed to scrape node" err="Get \"https://172.18.0.2:10250/metrics/resource\": x509: cannot validate certificate for 172.18.0.2 because it doesn't contain any IP SANs" node="kind-control-plane" I0106 05:08:01.358910 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve" E0106 05:08:09.791081 1 scraper.go:140] "Failed to scrape node" err="Get \"https://172.18.0.2:10250/metrics/resource\": x509: cannot validate certificate for 172.18.0.2 because it doesn't contain any IP SANs" node="kind-control-plane" I0106 05:08:11.362418 1 server.go:187] "Failed probe" probe="metric-storage-ready" err="no metrics to serve" bala:~ bala$ kubectl edit deployment metrics-server -n kube-system error: there was a problem with the editor "vi" bala:~ bala$ kubectl edit deployment metrics-server -n kube-system error: deployments.apps "metrics-server" is invalid A copy of your changes has been stored to "/var/folders/r4/xmnq466n34vg3l2j96kl1pzm0000gn/T/kubectl-edit-2730511234.yaml" error: Edit cancelled, no valid changes were saved. bala:~ bala$ kubectl apply -f /var/folders/r4/xmnq466n34vg3l2j96kl1pzm0000gn/T/kubectl-edit-2730511234.yaml error: error parsing /var/folders/r4/xmnq466n34vg3l2j96kl1pzm0000gn/T/kubectl-edit-2730511234.yaml: error converting YAML to JSON: yaml: line 45: found a tab character that violates indentation
edit with insecure tls
spec:
containers:
- args:
- --cert-dir=/tmp
- --secure-port=4443
- --kubelet-insecure-tls
kubectl edit deployment metrics-server -n kube-system deployment.apps/metrics-server edited kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-668d6bf9bc-ddhqn 1/1 Running 4 (112m ago) 13d coredns-668d6bf9bc-j2mzv 1/1 Running 4 (112m ago) 13d etcd-kind-control-plane 1/1 Running 4 (112m ago) 13d kindnet-7z5h5 1/1 Running 4 (112m ago) 13d kube-apiserver-kind-control-plane 1/1 Running 4 (112m ago) 13d kube-controller-manager-kind-control-plane 1/1 Running 10 (112m ago) 13d kube-proxy-cr9nc 1/1 Running 4 (112m ago) 13d kube-scheduler-kind-control-plane 1/1 Running 13 (112m ago) 13d metrics-server-76c8978c4b-jdlf2 1/1 Running 0 28s bala:~ bala$ kubectl logs -n kube-system metrics-server-76c8978c4b-jdlf2 I0106 05:13:23.781013 1 serving.go:342] Generated self-signed cert (/tmp/apiserver.crt, /tmp/apiserver.key) I0106 05:13:24.206594 1 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController I0106 05:13:24.206667 1 shared_informer.go:240] Waiting for caches to sync for RequestHeaderAuthRequestController I0106 05:13:24.206997 1 configmap_cafile_content.go:201] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::client-ca-file" I0106 05:13:24.207242 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0106 05:13:24.207351 1 configmap_cafile_content.go:201] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file" I0106 05:13:24.208040 1 shared_informer.go:240] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file I0106 05:13:24.208294 1 dynamic_serving_content.go:131] "Starting controller" name="serving-cert::/tmp/apiserver.crt::/tmp/apiserver.key" I0106 05:13:24.209319 1 secure_serving.go:267] Serving securely on [::]:4443 I0106 05:13:24.209535 1 tlsconfig.go:240] "Starting DynamicServingCertificateController" W0106 05:13:24.209858 1 shared_informer.go:372] The sharedIndexInformer has started, run more than once is not allowed I0106 05:13:24.308116 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::client-ca-file I0106 05:13:24.308149 1 shared_informer.go:247] Caches are synced for RequestHeaderAuthRequestController I0106 05:13:24.310108 1 shared_informer.go:247] Caches are synced for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
bala:~ bala$ kubectl top pod
NAME CPU(cores) MEMORY(bytes)
redis-5c995b7fbf-jxddf 2m 8Mi
redis-5c995b7fbf-vp2cd 3m 7Mi
redis-5c995b7fbf-z6pg7 3m 7Mi
redis-master-5ccf554d96-ssrql 3m 7Mi
redis-replica-858fc45586-97zbd 3m 7Mi
redis-replica-858fc45586-zfl92 3m 7Mi
Scaling pods| Delete the pod
bala:~ bala$ kubectl get pods NAME READY STATUS RESTARTS AGE redis-5c995b7fbf-jxddf 1/1 Running 3 (13m ago) 12d redis-5c995b7fbf-vp2cd 1/1 Running 3 (13m ago) 12d redis-5c995b7fbf-z6pg7 1/1 Running 3 (13m ago) 12d redis-master-5ccf554d96-ssrql 1/1 Running 5 (13m ago) 12d redis-replica-858fc45586-97zbd 1/1 Running 3 (13m ago) 12d redis-replica-858fc45586-zfl92 1/1 Running 3 (13m ago) 12d bala:~ bala$ kubectl scale deployment redis --replicas=0 deployment.apps/redis scaled bala:~ bala$ kubectl scale deployment redis-master --replicas=0 deployment.apps/redis-master scaled bala:~ bala$ kubectl get pods NAME READY STATUS RESTARTS AGE redis-5c995b7fbf-jxddf 1/1 Terminating 3 (14m ago) 12d redis-replica-858fc45586-97zbd 1/1 Running 3 (14m ago) 12d redis-replica-858fc45586-zfl92 1/1 Running 3 (14m ago) 12d bala:~ bala$ kubectl scale deployment redis-replica --replicas=0 deployment.apps/redis-replica scaled bala:~ bala$ kubectl get pods NAME READY STATUS RESTARTS AGE redis-5c995b7fbf-jxddf 1/1 Terminating 3 (14m ago) 12d bala:~ bala$ kubectl delete pod redis-5c995b7fbf-jxddf Error from server (NotFound): pods "redis-5c995b7fbf-jxddf" not found bala:~ bala$ kubectl get pods No resources found in default namespace.
Status Information
Reason: All the pods in redis scaled to Zero. no pod is running.
Comments
Post a Comment