Kubernetes Ecology

Kubernetes生态 之 Kubernetes 1.18 版本重要特性

Kubernetes 1.18 版本重要特性

Posted by 董江 on Sunday, March 29, 2020

Kubernetes 1.18 版本 release

v1.18版本更新比较大的,自运维能力的提升。 核心集中在 deprecations, metrics , kubectlnode 方面

ReleaseNote: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md

kubectl

1. 添加kubectl debug 命令,可通过此命令来调试 Kubernetes 中的资源

在更改容器镜像时拷贝 Pod

$ kubectl run myapp --image=busybox:latest --restart=Never -- sleep 1d
pod/myapp created

$ kubectl get pod
NAME                            READY   STATUS              RESTARTS         AGE
myapp                           1/1     Running             0                22s

$ kubectl debug myapp --copy-to=myapp-debug --set-image=*=ubuntu
pod/myapp-debug created

$ kubectl delete pod myapp myapp-debug
pod "myapp" deleted
pod "myapp-debug" deleted

在节点上通过 shell 来进行调试

找到运行 Pod 的节点,然后创建一个 Pod 运行在该节点上。 你可以通过 kubectl debug 在节点上创建一个交互式 Shell:

$ kubectl debug node/mynode -it --image=ubuntu

其他

$ kubectl debug -h
Debug cluster resources using interactive debugging containers.

 'debug' provides automation for common debugging tasks for cluster objects identified by resource and name. Pods will
be used by default if no resource is specified.

 The action taken by 'debug' varies depending on what resource is specified. Supported actions include:

  *  Workload: Create a copy of an existing pod with certain attributes changed, for example changing the image tag to a
new version.
  *  Workload: Add an ephemeral container to an already running pod, for example to add debugging utilities without
restarting the pod.
  *  Node: Create a new pod that runs in the node's host namespaces and can access the node's filesystem.

Examples:
  # Create an interactive debugging session in pod mypod and immediately attach to it.
  # (requires the EphemeralContainers feature to be enabled in the cluster)
  kubectl debug mypod -it --image=busybox
  
  # Create a debug container named debugger using a custom automated debugging image.
  # (requires the EphemeralContainers feature to be enabled in the cluster)
  kubectl debug --image=myproj/debug-tools -c debugger mypod
  
  # Create a copy of mypod adding a debug container and attach to it
  kubectl debug mypod -it --image=busybox --copy-to=my-debugger
  
  # Create a copy of mypod changing the command of mycontainer
  kubectl debug mypod -it --copy-to=my-debugger --container=mycontainer -- sh
  
  # Create a copy of mypod changing all container images to busybox
  kubectl debug mypod --copy-to=my-debugger --set-image=*=busybox
  
  # Create a copy of mypod adding a debug container and changing container images
  kubectl debug mypod -it --copy-to=my-debugger --image=debian --set-image=app=app:debug,sidecar=sidecar:debug
  
  # Create an interactive debugging session on a node and immediately attach to it.
  # The container will run in the host namespaces and the host's filesystem will be mounted at /host
  kubectl debug node/mynode -it --image=busybox

Options:
      --arguments-only=false: If specified, everything after -- will be passed to the new container as Args instead of
Command.
      --attach=false: If true, wait for the container to start running, and then attach as if 'kubectl attach ...' were
called.  Default false, unless '-i/--stdin' is set, in which case the default is true.
  -c, --container='': Container name to use for debug container.
      --copy-to='': Create a copy of the target Pod with this name.
      --env=[]: Environment variables to set in the container.
      --image='': Container image to use for debug container.
      --image-pull-policy='': The image pull policy for the container. If left empty, this value will not be specified
by the client and defaulted by the server.
  -q, --quiet=false: If true, suppress informational messages.
      --replace=false: When used with '--copy-to', delete the original Pod.
      --same-node=false: When used with '--copy-to', schedule the copy of target Pod on the same node.
      --set-image=[]: When used with '--copy-to', a list of name=image pairs for changing container images, similar to
how 'kubectl set image' works.
      --share-processes=true: When used with '--copy-to', enable process namespace sharing in the copy.
  -i, --stdin=false: Keep stdin open on the container(s) in the pod, even if nothing is attached.
      --target='': When using an ephemeral container, target processes in this container name.
  -t, --tty=false: Allocate a TTY for the debugging container.

2. kubectl run 去掉 generator

kubectl run 只是创建 Pod

apiserver

  1. 所有资源的 API apps/v1beta1 和 apps/v1beta2 都将废弃,请使用 apps/v1 代替;
  2. daemonsets, deployments, replicasets 资源的 API extensions/v1beta1 将被废弃,请使用 apps/v1 代替;
  3. networkpolicies 资源的 API extensions/v1beta1 将被废弃,请使用 networking.k8s.io/v1 代替;
  4. podsecuritypolicies 资源的 API extensions/v1beta1 将被废弃,请使用 policy/v1beta1 代替;

kube-proxy

  1. 添加 --healthz-bind-address--metrics-bind-address 支持 metrics 拉取
  2. --ipvs-tcp-timeout--ipvs-tcpfin-timeout--ipvs-udp-timeout 配置 IPVS 连接超时

kubeadm

kubeadm alpha certs renew 更新现有的 ECDSA 证书

「如果这篇文章对你有用,请随意打赏」

Kubeservice博客

如果这篇文章对你有用,请随意打赏

使用微信扫描二维码完成支付

CATALOG
    FEATURED TAGS
    agent apiserver application bandwidth-limit cgo cgroupfs ci/cd client-go cloudnative cncf cni community container container-network-interface containerd controller coredns crd custom-controller deployment docker docker-build docker-image drop ebpf ecology egress etcd gitee github gitlab golang governance hpa http2 image ingress iptables jobs kata kata-runtime kernel kind kubelet kubenetes kubernetes library linux-os logging loki metrics monitor namespace network network-troubleshooting node nodeport pingmesh pod prestop prometheus proxyless pvc rollingupdate schedule scheduler serverless sidecar sigtrem systemd throttling timeout tools traceroute