容器编排(学习环境 k8s)kubectl部署一个Python程序

kubernetes入门

介绍 (Introduction)

Kubectl is a command-line tool designed to manage Kubernetes objects and clusters. It provides a command-line interface for performing common operations like creating and scaling Deployments, switching contexts, and accessing a shell in a running container.

Kubectl是旨在管理Kubernetes对象和集群的命令行工具。 它提供了一个命令行界面，用于执行常见的操作，例如创建和扩展部署，切换上下文以及访问正在运行的容器中的Shell。

How to Use This Guide:

如何使用本指南：

• This guide is in cheat sheet format with self-contained command-line snippets.

  
  

  本指南采用备忘单格式，包含独立的命令行摘要。

• It is not an exhaustive list of kubectl commands, but contains many common operations and use cases. For a more thorough reference, consult the Kubectl Reference Docs

  它不是kubectl命令的详尽列表，但包含许多常见的操作和用例。 有关更全面的参考，请查阅Kubectl参考文档

• Jump to any section that is relevant to the task you are trying to complete.

  
  

  跳至与您要完成的任务有关的任何部分。

先决条件 (Prerequisites)

• To use kubectl, you’ll need a Kubernetes cluster available to you. To learn how to create a Kubernetes cluster from scratch, you can consult How To Create a Kubernetes Cluster Using Kubeadm on Ubuntu 18.04. Alternatively, you can provision a managed Kubernetes cluster in minutes using DigitalOcean Kubernetes. To get started creating a DigitalOcean Kubernetes cluster, consult How to Create Kubernetes Clusters Using the Control Panel.

  要使用kubectl，您将需要一个Kubernetes集群。 要了解如何从头开始创建Kubernetes集群，可以参考如何在Ubuntu 18.04上使用Kubeadm创建Kubernetes集群 。 或者，您可以使用DigitalOcean Kubernetes在几分钟内配置托管Kubernetes群集。 要开始创建DigitalOcean Kubernetes集群，请参阅如何使用控制面板创建Kubernetes集群 。

• You’ll also need a remote machine on which you’ll install and run kubectl. kubectl can run on many different operating systems.

  
  

  您还需要一台远程计算机，在该计算机上安装和运行kubectl。 kubectl可以在许多不同的操作系统上运行。

样本部署 (Sample Deployment)

To demonstrate some of the operations and commands in this cheat sheet, we’ll use a sample Deployment that runs 2 replicas of Nginx:

为了演示该备忘单中的某些操作和命令，我们将使用运行两个Nginx副本的示例Deployment：

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 80

Copy and paste this manifest into a file called nginx-deployment.yaml.

将此清单复制并粘贴到名为nginx-deployment.yaml的文件中。

安装kubectl (Installing kubectl)

Note: These commands have only been tested on an Ubuntu 18.04 machine. To learn how to install kubectl on other operating systems, consult Install and Set Up kubectl from the Kubernetes docs.

注意：这些命令仅在Ubuntu 18.04计算机上经过测试。 要了解如何在其他操作系统上安装kubectl，请参阅Kubernetes文档中的“ 安装并设置kubectl ”。

First, update your local package index and install required dependencies:

首先，更新本地软件包索引并安装所需的依赖项：

Then add the Google Cloud GPG key to APT and make the kubectl package available to your system:

然后将Google Cloud GPG密钥添加到APT，并使kubectl软件包可用于您的系统：

Finally, install kubectl:

最后，安装kubectl：

Test that the installation succeeded using version:

使用version测试安装是否成功：

设置Shell自动补全 (Setting Up Shell Autocompletion)

Note: These commands have only been tested on an Ubuntu 18.04 machine. To learn how to set up autocompletion on other operating systems, consult Install and Set Up kubectl from the Kubernetes docs.

注意：这些命令仅在Ubuntu 18.04计算机上经过测试。 要了解如何在其他操作系统上设置自动完成功能，请参阅Kubernetes文档中的Install and Set up kubectl 。

kubectl includes a shell autocompletion script that you can make available to your system’s existing shell autocompletion software.

kubectl包含一个shell自动完成脚本，您可以将其提供给系统现有的shell自动完成软件。

安装kubectl自动完成 (Installing kubectl Autocompletion)

First, check if you have bash-completion installed:

首先，检查您是否安装了bash-completion ：

You should see some script output.

您应该看到一些脚本输出。

Next, source the kubectl autocompletion script in your ~/.bashrc file:

接下来， source的kubectl自动完成脚本在你~/.bashrc文件：

Alternatively, you can add the completion script to the /etc/bash_completion.d directory:

或者 ，您可以将完成脚本添加到/etc/bash_completion.d目录：

用法 (Usage)

To use the autocompletion feature, press the TAB key to display available kubectl commands:

要使用自动完成功能，请按TAB键以显示可用的kubectl命令：

annotate       apply          autoscale      completion     cordon         delete         drain          explain        kustomize      options        port-forward   rollout        set            uncordon
api-resources  attach         certificate    config         cp             describe
. . .

You can also display available commands after partially typing a command:

您还可以在部分键入命令后显示可用命令：

delete    describe  diff      drain

连接，配置和使用上下文 (Connecting, Configuring and Using Contexts)

连接中 (Connecting)

To test that kubectl can authenticate with and access your Kubernetes cluster, use cluster-info:

要测试kubectl可以通过身份验证并访问您的Kubernetes集群，请使用cluster-info ：

If kubectl can successfully authenticate with your cluster, you should see the following output:

如果kubectl可以成功地对集群进行身份验证，则应该看到以下输出：

Kubernetes master is running at https://kubernetes_master_endpoint
CoreDNS is running at https://coredns_endpoint

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

kubectl is configured using kubeconfig configuration files. By default, kubectl will look for a file called config in the $HOME/.kube directory. To change this, you can set the $KUBECONFIG environment variable to a custom kubeconfig file, or pass in the custom file at execution time using the --kubeconfig flag:

使用kubeconfig配置文件配置kubectl 。 默认情况下，kubectl将在$HOME/.kube目录中查找名为config的文件。 要更改此设置，可以将$KUBECONFIG环境变量设置为自定义kubeconfig文件，或者在执行时使用--kubeconfig标志传入自定义文件：

Note: If you’re using a managed Kubernetes cluster, your cloud provider should have made its kubeconfig file available to you.

注意：如果您使用的是托管Kubernetes集群，则您的云提供商应已将其kubeconfig文件提供给您。

If you don’t want to use the --kubeconfig flag with every command, and there is no existing ~/.kube/config file, create a directory called ~/.kube in your home directory if it doesn’t already exist, and copy in the kubeconfig file, renaming it to config:

如果您不想在每个命令中都使用--kubeconfig标志， 并且不存在~/.kube/config文件 ， ~/.kube在主目录中创建一个名为~/.kube的目录(如果尚不存在)，并复制到kubeconfig文件中，将其重命名为config ：

Now, run cluster-info once again to test your connection.

现在，再次运行cluster-info以测试您的连接。

修改您的kubectl配置 (Modifying your kubectl Configuration)

You can also modify your config using the kubectl config set of commands.

您还可以使用kubectl config命令集来修改配置。

To view your kubectl configuration, use the view subcommand:

要查看您的kubectl配置，请使用view子命令：

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
. . .

Modifying Clusters

修改集群

To fetch a list of clusters defined in your kubeconfig, use get-clusters:

要获取在kubeconfig中定义的集群列表，请使用get-clusters ：

NAME
do-nyc1-sammy

To add a cluster to your config, use the set-cluster subcommand:

要将集群添加到配置中，请使用set-cluster子命令：

To delete a cluster from your config, use delete-cluster:

要从配置中删除集群，请使用delete-cluster ：

Note: This only deletes the cluster from your config and does not delete the actual Kubernetes cluster.

注意：这只会从您的配置中删除集群，而不会删除实际的Kubernetes集群。

Modifying Users

修改用户

You can perform similar operations for users using set-credentials:

您可以使用set-credentials为用户执行类似的操作：

To delete a user from your config, you can run unset:

要从配置中删除用户，可以运行unset ：

Contexts

语境

A context in Kubernetes is an object that contains a set of access parameters for your cluster. It consists of a cluster, namespace, and user triple. Contexts allow you to quickly switch between different sets of cluster configuration.

Kubernetes中的上下文是一个对象，其中包含集群的一组访问参数。 它由一个cluster ， namespace和user Triple组成。 上下文使您可以在不同的集群配置集之间快速切换。

To see your current context, you can use current-context:

要查看当前上下文，可以使用current-context ：

do-nyc1-sammy

To see a list of all configured contexts, run get-contexts:

要查看所有已配置上下文的列表，请运行get-contexts ：

CURRENT   NAME            CLUSTER         AUTHINFO              NAMESPACE
*         do-nyc1-sammy   do-nyc1-sammy   do-nyc1-sammy-admin

To set a context, use set-context:

要设置上下文，请使用set-context ：

You can switch between contexts with use-context:

您可以use-context在上下文之间切换：

Switched to context "do-nyc1-sammy"

And you can delete a context with delete-context:

您可以使用delete-context ：

使用命名空间 (Using Namespaces)

A Namespace in Kubernetes is an abstraction that allows you to subdivide your cluster into multiple virtual clusters. By using Namespaces you can divide cluster resources among multiple teams and scope objects appropriately. For example, you can have a prod Namespace for production workloads, and a dev Namespace for development and test workloads.

Kubernetes中的命名空间是一种抽象，它允许您将集群细分为多个虚拟集群 。 通过使用命名空间，您可以在多个团队和范围对象之间适当地分配群集资源。 例如，您可以具有用于生产工作负载的prod命名空间，以及用于开发和测试工作负载的dev命名空间。

To fetch and print a list of all the Namespaces in your cluster, use get namespace:

要获取并打印集群中所有命名空间的列表，请使用get namespace ：

NAME              STATUS   AGE
default           Active   2d21h
kube-node-lease   Active   2d21h
kube-public       Active   2d21h
kube-system       Active   2d21h

To set a Namespace for your current context, use set-context --current:

要为您的当前上下文设置命名空间，请使用set-context --current ：

To create a Namespace, use create namespace:

要创建名称空间，请使用create namespace ：

namespace/sammy created

Similarly, to delete a Namespace, use delete namespace:

同样，要删除命名空间，请使用delete namespace ：

Warning: Deleting a Namespace will delete everything in the Namespace, including running Deployments, Pods, and other workloads. Only run this command if you’re sure you’d like to kill whatever’s running in the Namespace or if you’re deleting an empty Namespace.

警告：删除名称空间将删除名称空间中的所有内容 ，包括正在运行的Deployment，Pod和其他工作负载。 仅在确定要杀死名称空间中正在运行的内容或要删除空的名称空间时，才运行此命令。

To fetch all Pods in a given Namespace or to perform other operations on resources in a given Namespace, make sure to include the --namespace flag:

要获取给定命名空间中的所有Pod或对给定命名空间中的资源执行其他操作，请确保包括--namespace标志：

管理Kubernetes资源 (Managing Kubernetes Resources)

一般语法 (General Syntax)

The general syntax for most kubectl management commands is:

大多数kubectl管理命令的通用语法为：

Where

哪里

• command is an operation you’d like to perform, like create

  command是您要执行的操作，例如create

• type is the Kubernetes resource type, like deployment

  type是Kubernetes资源类型，例如deployment

• name is the resource’s name, like app_frontend

  name是资源的名称，例如app_frontend

• flags are any optional flags you’d like to include

  flags是您要包含的任何可选标志

For example the following command retrieves information about a Deployment named app_frontend:

例如，以下命令检索有关名为app_frontend的部署的信息：

声明式管理和kubectl apply (Declarative Management and kubectl apply)

The recommended approach to managing workloads on Kubernetes is to rely on the cluster’s declarative design as much as possible. This means that instead of running a series of commands to create, update, delete, and restart running Pods, you should define the workloads, services, and systems you’d like to run in YAML manifest files, and provide these files to Kubernetes, which will handle the rest.

在Kubernetes上管理工作负载的推荐方法是尽可能多地依赖集群的声明性设计。 这意味着，您应该在YAML清单文件中定义要运行的工作负载，服务和系统，而不是运行一系列命令来创建，更新，删除和重新启动运行中的Pod，然后将这些文件提供给Kubernetes，这将处理其余的。

In practice, this means using the kubectl apply command, which applies a particular configuration to a given resource. If the target resource doesn’t exist, then Kubernetes will create the resource. If the resource already exists, then Kubernetes will save the current revision, and update the resource according to the new configuration. This declarative approach exists in contrast to the imperative approach of running the kubectl create , kubectl edit, and the kubectl scale set of commands to manage resources. To learn more about the different ways of managing Kubernetes resources, consult Kubernetes Object Management from the Kubernetes docs.

实际上，这意味着使用kubectl apply命令，该命令将特定配置应用于给定资源。 如果目标资源不存在，那么Kubernetes将创建该资源。 如果资源已经存在，那么Kubernetes将保存当前修订，并根据新配置更新资源。 与运行kubectl create ， kubectl edit和kubectl scale的命令集以管理资源的命令式方法相比，存在这种声明性方法。 要了解有关管理Kubernetes资源的不同方式的更多信息，请参阅Kubernetes文档中的Kubernetes对象管理 。

Rolling out a Deployment

展开部署

For example, to deploy the sample Nginx Deployment to your cluster, use apply and provide the path to the nginx-deployment.yaml manifest file:

例如，要将示例Nginx部署部署到您的集群，请使用apply并提供nginx-deployment.yaml清单文件的路径：

deployment.apps/nginx-deployment created

The -f flag is used to specify a filename or URL containing a valid configuration. If you’d like to apply all manifests from a directory, you can use the -k flag:

-f标志用于指定包含有效配置的文件名或URL。 如果要apply目录中的所有清单，可以使用-k标志：

You can track the rollout status using rollout status:

您可以使用rollout status来跟踪rollout status ：

Waiting for deployment "nginx-deployment" rollout to finish: 1 of 2 updated replicas are available...
deployment "nginx-deployment" successfully rolled out

An alternative to rollout status is the kubectl get command, along with the -w (watch) flag:

rollout status的替代方法是kubectl get命令以及-w (监视)标志：

NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   0/2     2            0           3s
nginx-deployment   1/2     2            1           3s
nginx-deployment   2/2     2            2           3s

Using rollout pause and rollout resume, you can pause and resume the rollout of a Deployment:

使用rollout pause和rollout resume ，您可以暂停和恢复部署的推出：

deployment.extensions/nginx-deployment paused

deployment.extensions/nginx-deployment resumed

Modifying a Running Deployment

修改正在运行的部署

If you’d like to modify a running Deployment, you can make changes to its manifest file and then run kubectl apply again to apply the update. For example, we’ll modify the nginx-deployment.yaml file to change the number of replicas from 2 to 3:

如果要修改正在运行的Deployment，可以对其清单文件进行更改，然后再次运行kubectl apply以应用更新。 例如，我们将修改nginx-deployment.yaml文件，以将副本数从2更改为3 ：

. . .
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
. . .

The kubectl diff command allows you to see a diff between currently running resources, and the changes proposed in the supplied configuration file:

kubectl diff命令使您可以查看当前正在运行的资源与提供的配置文件中建议的更改之间的区别：

Now allow Kubernetes to perform the update using apply:

现在允许Kubernetes使用apply执行更新：

Running another get deployment should confirm the addition of a third replica.

运行另一个get deployment应确认添加了第三个副本。

If you run apply again without modifying the manifest file, Kubernetes will detect that no changes were made and won’t perform any action.

如果再次运行apply而未修改清单文件，Kubernetes将检测到未进行任何更改，并且将不执行任何操作。

Using rollout history you can see a list of the Deployment’s previous revisions:

使用rollout history您可以看到部署的先前版本的列表：

deployment.extensions/nginx-deployment
REVISION  CHANGE-CAUSE
1         <none>

With rollout undo, you can revert a Deployment to any of its previous revisions:

使用rollout undo ，您可以将Deployment还原到其以前的任何版本：

Deleting a Deployment

删除部署

To delete a running Deployment, use kubectl delete:

要删除正在运行的Deployment，请使用kubectl delete ：

deployment.apps "nginx-deployment" deleted

当务之急 (Imperative Management)

You can also use a set of imperative commands to directly manipulate and manage Kubernetes resources.

您还可以使用一组命令性命令直接操作和管理Kubernetes资源。

Creating a Deployment

创建部署

Use create to create an object from a file, URL, or STDIN. Note that unlike apply, if an object with the same name already exists, the operation will fail. The --dry-run flag allows you to preview the result of the operation without actually performing it:

使用create从文件，URL或STDIN创建对象。 请注意，与apply不同，如果已经存在相同名称的对象，则该操作将失败。 --dry-run标志使您可以预览操作结果，而无需实际执行：

deployment.apps/nginx-deployment created (dry-run)

We can now create the object:

现在我们可以创建对象：

deployment.apps/nginx-deployment created

Modifying a Running Deployment

修改运行中的部署

Use scale to scale the number of replicas for the Deployment from 2 to 4:

使用scale将Deployment的副本数量从2缩放到4：

deployment.extensions/nginx-deployment scaled

You can edit any object in-place using kubectl edit. This will open up the object’s manifest in your default editor:

您可以使用kubectl edit就地编辑任何对象。 这将在默认编辑器中打开对象的清单：

You should see the following manifest file in your editor:

您应该在编辑器中看到以下清单文件：

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: extensions/v1beta1
kind: Deployment
. . . 
spec:
  progressDeadlineSeconds: 600
  replicas: 4
  revisionHistoryLimit: 10
  selector:
    matchLabels:
. . .

Change the replicas value from 4 to 2, then save and close the file.

将replicas值从4更改为2 ，然后保存并关闭文件。

Now run a get to inspect the changes:

现在运行get检查更改：

NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   2/2     2            2           6m40s

We’ve successfully scaled the Deployment back down to 2 replicas on-the-fly. You can update most of a Kubernetes’ object’s fields in a similar manner.

我们已经成功地将“部署”即时缩减为2个副本。 您可以用类似的方式更新Kubernetes对象的大多数字段。

Another useful command for modifying objects in-place is kubectl patch. Using patch, you can update an object’s fields on-the-fly without having to open up your editor. patch also allows for more complex updates with various merging and patching strategies. To learn more about these, consult Update API Objects in Place Using kubectl patch.

另一个用于就地修改对象的有用命令是kubectl patch 。 使用patch ，您可以即时更新对象的字段，而无需打开编辑器。 patch还允许使用各种合并和修补策略进行更复杂的更新。 要了解有关这些内容的更多信息，请参阅使用kubectl补丁就地更新API对象 。

The following command will patch the nginx-deployment object to update the replicas field from 2 to 4; deploy is shorthand for the deployment object.

以下命令将修补nginx-deployment对象，以将replicas字段从2更新为4 ； deploy是deployment对象的简写。

deployment.extensions/nginx-deployment patched

We can now inspect the changes:

现在，我们可以检查更改：

NAME               READY   UP-TO-DATE   AVAILABLE   AGE
nginx-deployment   4/4     4            4           18m

You can also create a Deployment imperatively using the run command. run will create a Deployment using an image provided as a parameter:

您也可以使用run命令命令性地创建Deployment。 run将使用作为参数提供的映像创建一个Deployment：

The expose command lets you quickly expose a running Deployment with a Kubernetes Service, allowing connections from outside your Kubernetes cluster:

该expose的命令可以让你快速暴露正在运行的部署与Kubernetes服务，让您Kubernetes群集外部连接：

service/nginx-svc exposed

Here we’ve exposed the nginx-deployment Deployment as a LoadBalancer Service, opening up port 80 to external traffic and directing it to container port 80. We name the service nginx-svc. Using the LoadBalancer Service type, a cloud load balancer is automatically provisioned and configured by Kubernetes. To get the Service’s external IP address, use get:

在这里，我们将nginx-deployment部署作为LoadBalancer服务公开，将端口80开放给外部流量，并将其定向到容器端口80 。 我们将服务命名为nginx-svc 。 使用LoadBalancer服务类型，Kubernetes会自动设置和配置云负载平衡器。 要获取服务的外部IP地址，请使用get ：

NAME        TYPE           CLUSTER-IP      EXTERNAL-IP      PORT(S)        AGE
nginx-svc   LoadBalancer   10.245.26.242   203.0.113.0   80:30153/TCP   22m

You can access the running Nginx containers by navigating to EXTERNAL-IP in your web browser.

您可以通过在Web浏览器中导航到EXTERNAL-IP来访问正在运行的Nginx容器。

检查工作量和调试 (Inspecting Workloads and Debugging)

There are several commands you can use to get more information about workloads running in your cluster.

您可以使用几个命令来获取有关集群中运行的工作负载的更多信息。

Inspecting Kubernetes Resources

检查Kubernetes资源

kubectl get fetches a given Kubernetes resource and displays some basic information associated with it:

kubectl get获取给定的Kubernetes资源并显示与其相关的一些基本信息：

NAME               READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES   SELECTOR
nginx-deployment   4/4     4            4           29m   nginx        nginx    app=nginx

Since we did not provide a Deployment name or Namespace, kubectl fetches all Deployments in the current Namespace. The -o flag provides additional information like CONTAINERS and IMAGES.

由于我们没有提供部署名称或命名空间，因此kubectl会获取当前命名空间中的所有部署。 -o标志提供其他信息，例如CONTAINERS和IMAGES 。

In addition to get, you can use describe to fetch a detailed description of the resource and associated resources:

除了get ，您还可以使用describe来获取资源和相关资源的详细描述：

Name:                   nginx-deployment
Namespace:              default
CreationTimestamp:      Wed, 11 Sep 2019 12:53:42 -0400
Labels:                 run=nginx-deployment
Annotations:            deployment.kubernetes.io/revision: 1
Selector:               run=nginx-deployment
. . . 

The set of information presented will vary depending on the resource type. You can also use this command without specifying a resource name, in which case information will be provided for all resources of that type in the current Namespace.

呈现的信息集将根据资源类型而有所不同。 您也可以在不指定资源名称的情况下使用此命令，在这种情况下，将为当前命名空间中该类型的所有资源提供信息。

explain allows you to quickly pull configurable fields for a given resource type:

explain使您可以快速提取给定资源类型的可配置字段：

By appending additional fields you can dive deeper into the field hierarchy:

通过附加其他字段，您可以更深入地研究字段层次结构：

Gaining Shell Access to a Container

使Shell访问容器

To gain shell access into a running container, use exec. First, find the Pod that contains the running container you’d like access to:

要获得对正在运行的容器的Shell访问，请使用exec 。 首先，找到包含您要访问的运行容器的Pod：

nginx-deployment-8859878f8-7gfw9   1/1     Running   0          109m
nginx-deployment-8859878f8-z7f9q   1/1     Running   0          109m

Let’s exec into the first Pod. Since this Pod has only one container, we don’t need to use the -c flag to specify which container we’d like to exec into.

让我们exec到第一个Pod。 由于此Pod只有一个容器，因此我们不需要使用-c标志来指定要exec容器。

root@nginx-deployment-8859878f8-7gfw9:/#

You now have shell access to the Nginx container. The -i flag passes STDIN to the container, and -t gives you an interactive TTY. The -- double-dash acts as a separator for the kubectl command and the command you’d like to run inside the container. In this case, we are running /bin/bash.

现在，您具有对Nginx容器的shell访问权限。 -i标志将STDIN传递到容器， -t给您交互式TTY。 --双破折号用作kubectl命令和您要在容器内运行的命令的分隔符。 在这种情况下，我们正在运行/bin/bash 。

To run commands inside the container without opening a full shell, omit the -i and -t flags, and substitute the command you’d like to run instead of /bin/bash:

要在容器中运行命令而不打开完整的外壳，请省略-i和-t标志，并用您要运行的命令代替/bin/bash ：

bin
boot
dev
etc
home
lib
lib64
media
. . .

Fetching Logs

提取日志

Another useful command is logs, which prints logs for Pods and containers, including terminated containers.

另一个有用的命令是logs ，它打印Pod和容器(包括终止的容器)的日志。

To stream logs to your terminal output, you can use the -f flag:

要将日志流传输到终端输出，可以使用-f标志：

10.244.2.1 - - [12/Sep/2019:17:21:33 +0000] "GET / HTTP/1.1" 200 612 "-" "203.0.113.0" "-"
2019/09/16 17:21:34 [error] 6#6: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 10.244.2.1, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "203.0.113.0", referrer: "http://203.0.113.0"
. . .

This command will keep running in your terminal until interrupted with a CTRL+C. You can omit the -f flag if you’d like to print log output and exit immediately.

该命令将一直在您的终端中运行，直到被CTRL+C中断为止。 如果要打印日志输出并立即退出，可以省略-f标志。

You can also use the -p flag to fetch logs for a terminated container. When this option is used within a Pod that had a prior running container instance, logs will print output from the terminated container:

您也可以使用-p标志来获取终止容器的日志。 在具有先前运行的容器实例的Pod中使用此选项时， logs将打印终止的容器的输出：

The -c flag allows you to specify the container you’d like to fetch logs from, if the Pod has multiple containers. You can use the --all-containers=true flag to fetch logs from all containers in the Pod.

如果Pod有多个容器，则-c标志允许您指定要从中获取日志的容器。 您可以使用--all-containers=true标志从Pod中的所有容器中获取日志。

Port Forwarding and Proxying

端口转发和代理

To gain network access to a Pod, you can use port-forward:

要获得对Pod的网络访问权限，可以使用port-forward ：

Forwarding from 127.0.0.1:80 -> 80
Forwarding from [::1]:80 -> 80

In this case we use sudo because local port 80 is a protected port. For most other ports you can omit sudo and run the kubectl command as your system user.

在这种情况下，我们使用sudo因为本地端口80是受保护的端口。 对于大多数其他端口，您可以省略sudo并以系统用户身份运行kubectl命令。

Here we forward local port 80 (preceding the colon) to the Pod’s container port 80 (after the colon).

在这里，我们将本地端口80 (在冒号之前)转发到Pod的集装箱端口80 (在冒号之后)。

You can also use deploy/nginx-deployment as the resource type and name to forward to. If you do this, the local port will be forwarded to the Pod selected by the Deployment.

您还可以deploy/nginx-deployment用作转发的资源类型和名称。 如果执行此操作，则本地端口将被转发到部署选择的Pod。

The proxy command can be used to access the Kubernetes API server locally:

proxy命令可用于本地访问Kubernetes API服务器：

Starting to serve on 127.0.0.1:8080

In another shell, use curl to explore the API:

在另一个Shell中，使用curl探索API：

curl http://localhost:8080/api/

{
  "kind": "APIVersions",
  "versions": [
    "v1"
  ],
  "serverAddressByClientCIDRs": [
    {
      "clientCIDR": "0.0.0.0/0",
      "serverAddress": "203.0.113.0:443"
    }
  ]

Close the proxy by hitting CTRL-C.

通过按CTRL-C关闭代理。

结论 (Conclusion)

This guide covers some of the more common kubectl commands you may use when managing a Kubernetes cluster and workloads you’ve deployed to it.

本指南介绍了一些在管理Kubernetes集群和部署到其上的工作负载时可能会使用的更常见的kubectl命令。

You can learn more about kubectl by consulting the official Kubernetes reference documentation.

您可以通过参考官方的Kubernetes 参考文档来了解有关kubectl的更多信息。

There are many more commands and variations that you may find useful as part of your work with kubectl. To learn more about all of your available options, you can run:

作为使用kubectl的一部分，您可能会发现更多有用的命令和变体。 要了解有关所有可用选项的更多信息，可以运行：

kubectl --help