kubernetes GKE:获取哪个pod正在运行的命令

ih99xse1  于 2023-04-29  发布在  Kubernetes
关注(0)|答案(1)|浏览(113)

有没有一种方法可以获得命令和图像的pod是在GKE运行?据我所知,kubectl没有这个功能。也许可以使用一些专用的gcloud工具来实现这一点?docker pskubectl exec ps不是一个选项。

kubernetes

1条答案

按热度按时间
0sgqnhkj

0sgqnhkj1#

kubectl为您提供了多种选项,其中包括describe,它可以让您获得您正在寻找的信息,如下所示:

$ kubectl describe pods etcd-minikube
Name:                 etcd-minikube
Namespace:            kube-system
Priority:             2000001000
Priority Class Name:  system-node-critical
Node:                 minikube/192.168.49.2
Start Time:           Fri, 21 Apr 2023 14:57:11 +0200
Labels:               component=etcd
                      tier=control-plane
Annotations:          kubeadm.kubernetes.io/etcd.advertise-client-urls: https://192.168.49.2:2379
                      kubernetes.io/config.hash: 9d3d310935e5fabe942511eec3e2cd0c
                      kubernetes.io/config.mirror: 9d3d310935e5fabe942511eec3e2cd0c
                      kubernetes.io/config.seen: 2023-04-21T12:57:10.854200840Z
                      kubernetes.io/config.source: file
                      seccomp.security.alpha.kubernetes.io/pod: runtime/default
Status:               Running
SeccompProfile:       RuntimeDefault
IP:                   192.168.49.2
IPs:
  IP:           192.168.49.2
Controlled By:  Node/minikube
Containers:
  etcd:
    Container ID:  docker://172b7490d79dcb36f2c81e3ce82611b18c09f128b5030c7b225636b345d5c7d4
    Image:         k8s.gcr.io/etcd:3.5.1-0
    Image ID:      docker-pullable://k8s.gcr.io/etcd@sha256:64b9ea357325d5db9f8a723dcf503b5a449177b17ac87d69481e126bb724c263
    Port:          <none>
    Host Port:     <none>
    Command:
      etcd
      --advertise-client-urls=https://192.168.49.2:2379
      --cert-file=/var/lib/minikube/certs/etcd/server.crt
      --client-cert-auth=true
      --data-dir=/var/lib/minikube/etcd
      --initial-advertise-peer-urls=https://192.168.49.2:2380
      --initial-cluster=minikube=https://192.168.49.2:2380
      --key-file=/var/lib/minikube/certs/etcd/server.key
      --listen-client-urls=https://127.0.0.1:2379,https://192.168.49.2:2379
      --listen-metrics-urls=http://127.0.0.1:2381
      --listen-peer-urls=https://192.168.49.2:2380
      --name=minikube
      --peer-cert-file=/var/lib/minikube/certs/etcd/peer.crt
      --peer-client-cert-auth=true
      --peer-key-file=/var/lib/minikube/certs/etcd/peer.key
      --peer-trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt
      --proxy-refresh-interval=70000
      --snapshot-count=10000
      --trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt

如果你需要以编程方式访问东西,你也可以使用get和json格式化输出,然后管道到jq这样的实用程序:

$ kubectl get pod etcd-minikube -o json
{
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {
        "annotations": {
            "kubeadm.kubernetes.io/etcd.advertise-client-urls": "https://192.168.49.2:2379",
            "kubernetes.io/config.hash": "9d3d310935e5fabe942511eec3e2cd0c",
            "kubernetes.io/config.mirror": "9d3d310935e5fabe942511eec3e2cd0c",
            "kubernetes.io/config.seen": "2023-04-21T12:57:10.854200840Z",
            "kubernetes.io/config.source": "file",
            "seccomp.security.alpha.kubernetes.io/pod": "runtime/default"
        },
        "creationTimestamp": "2023-04-21T12:57:11Z",
        "labels": {
            "component": "etcd",
            "tier": "control-plane"
        },
        "name": "etcd-minikube",
        "namespace": "kube-system",
        "ownerReferences": [
            {
                "apiVersion": "v1",
                "controller": true,
                "kind": "Node",
                "name": "minikube",
                "uid": "cfe42b77-7cfc-4248-af39-1dec62196242"
            }
        ],
        "resourceVersion": "294",
        "uid": "58dced46-2ac0-4986-bced-5e7f9a097cf9"
    },
    "spec": {
        "containers": [
            {
                "command": [
                    "etcd",
                    "--advertise-client-urls=https://192.168.49.2:2379",
                    "--cert-file=/var/lib/minikube/certs/etcd/server.crt",
                    "--client-cert-auth=true",
                    "--data-dir=/var/lib/minikube/etcd",
                    "--initial-advertise-peer-urls=https://192.168.49.2:2380",
                    "--initial-cluster=minikube=https://192.168.49.2:2380",
                    "--key-file=/var/lib/minikube/certs/etcd/server.key",
                    "--listen-client-urls=https://127.0.0.1:2379,https://192.168.49.2:2379",
                    "--listen-metrics-urls=http://127.0.0.1:2381",
                    "--listen-peer-urls=https://192.168.49.2:2380",
                    "--name=minikube",
                    "--peer-cert-file=/var/lib/minikube/certs/etcd/peer.crt",
                    "--peer-client-cert-auth=true",
                    "--peer-key-file=/var/lib/minikube/certs/etcd/peer.key",
                    "--peer-trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt",
                    "--proxy-refresh-interval=70000",
                    "--snapshot-count=10000",
                    "--trusted-ca-file=/var/lib/minikube/certs/etcd/ca.crt"
                ],

如果对于pod使用的给定镜像,您希望获得实际容器镜像的命令,而不是通过其规范传递的命令,则可以使用有关镜像的信息,然后进行docker检查。下面的镜像是按照kubernetes documentation部署的,所以它在规范中没有命令,但仍然运行nginx。
获得正确的Pod(在我们的例子中它们都是一样的)

$ kubectl get pods | grep nginx
nginx-deployment-9456bbbf9-gqzhp   1/1     Running   0             10m
nginx-deployment-9456bbbf9-lthrc   1/1     Running   0             10m

使用其中一个并获取容器镜像:

$ kubectl get pod nginx-deployment-9456bbbf9-gqzhp -o jsonpath="{.spec.containers[*].image}"
nginx:1.14.2

使用docker image inspect来分析图像(并不是说您必须将其拉出)

$ docker pull nginx:1.14.2
1.14.2: Pulling from library/nginx
007027d142c8: Pull complete
925342e1fcde: Pull complete
668b9ac9804b: Pull complete
Digest: sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d
Status: Downloaded newer image for nginx:1.14.2
docker.io/library/nginx:1.14.2

$ docker image inspect nginx:1.14.2
[
    {
        "Id": "sha256:7bbc8783b8ecfdb6453396805cc0fb5fcdaf1b16cbb907c8ab1b8685732d50a4",
        "RepoTags": [
            "nginx:1.14.2"
        ],
        "RepoDigests": [
            "nginx@sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2019-03-27T09:51:29.346495571Z",
        "Container": "877b55d528f890d650358f37048a361f24b8c4d1e414c79e4d2c82bb8d186310",
        "ContainerConfig": {
            "Hostname": "877b55d528f8",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "NGINX_VERSION=1.14.2-1~stretch",
                "NJS_VERSION=1.14.2.0.2.6-1~stretch"
            ],
            "Cmd": [
                "/bin/sh",
                "-c",
                "#(nop) ",
                "CMD [\"nginx\" \"-g\" \"daemon off;\"]"

现在使用jq将其变成一行:

$ docker pull $(kubectl get pod nginx-deployment-9456bbbf9-gqzhp -o jsonpath="{.spec.containers[*].image}") && docker image inspect $(kubectl get pod nginx-deployment-9456bbbf9-gqzhp -o jsonpath="{.spec.containers[*].image}") | jq .[].ContainerConfig.Cmd
1.14.2: Pulling from library/nginx
Digest: sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d
Status: Image is up to date for nginx:1.14.2
docker.io/library/nginx:1.14.2
[
  "/bin/sh",
  "-c",
  "#(nop) ",
  "CMD [\"nginx\" \"-g\" \"daemon off;\"]"
]
赞(0)分享  回复(0)举报  2023-04-29
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com