AKS Comandos de CLI

todos os comandos que já usei

As principais CLI que usei são:

1. Azure CLI
2. kubectl
3. osm

Azure CLI

Baixar a CLI do AKS

az aks install-cli

winget

winget install --id=Kubernetes.kubectl  -e
winget install --id=Microsoft.Azure.Kubelogin  -e

Obter credenciais de acesso para um cluster Kubernetes gerenciado

az aks get-credentials --resource-group POC_KUBE_KEYVAULT --name aks01

kubelogin plugin for authentication

kubelogin convert-kubeconfig -l azurecli

Verifica uma configuração do AKS

az aks show --resource-group AKS_PRV --name aksprv01 --query 'addonProfiles.openServiceMesh.enabled'

Atacha o ACR no AKS

az aks update -n aks01 -g POC_KUBE_KEYVAULT --attach-acr keyvaultaks

Busca identidade do pool do AKS

az aks show --resource-group <nome-do-grupo-de-recursos> --name <nome-do-cluster> --query "identityProfile"

az aks command invoke

az aks command invoke \
  --resource-group myResourceGroup \
  --name myAKSCluster \
  --command "kubectl apply -f deployment.yaml -n default" \
  --file deployment.yaml

login no ACR

az acr login -n keyvaultaks.azurecr.io

Habilita usuário admin no ACR

az acr update -n keyvaultaks.azurecr.io --admin-enabled true

Build pelo ACR

az acr build -t sampleapiacr --registry keyvaultaks .

check conectividade com ACR

az aks check-acr --name aks01 --resource-group POC_KUBE_KEYVAULT --acr keyvaultaks.azurecr.io
az acr check-health -n keyvaultaks-y

Configurando um Agent

az acr agentpool create --registry acrprv01 --name myagentpool --tier S1 --subnet-id "/subscriptions/60701f8d-0759-4bb3-8d6b-1f1810aef353/resourceGroups/AKS_PRIVADO/providers/Microsoft.Network/virtualNetworks/AKS_PRIVADO-VNET/subnets/default

Podemos listar as imagens do ACR

az acr repository list -n acrprv01

Set-AzAKsCluster: Configures minimum and maximum node values for AKS autoscaling

Start-AzAksCluster: Starts a stopped managed cluster

Update-AzAksNodePool: Updates a node pool in a managed cluster

Set-AzAksClusterCredential: Resets the service principal of an existing AKS cluste

nodepool stop

az aks nodepool stop --resource-group myResourceGroup --cluster-name myAKSCluster --nodepool-name testnodepool

az aks stop

az aks stop --name myAKSCluster --resource-group myResourceGroup

adicionar labels

az aks nodepool update --resource-group myResourceGroup --cluster-name myAKSCluster --name labelnp --labels dept=ACCT costcenter=6000 --no-wait

kubectl

Lista quais contextos ja foram configurados

kubectl config get-contexts

Seta um contexto

kubectl config use-context AKS-WS-01

Reseta todos os contextos

kubectl config unset contexts

comandos básicos do dia a dia

#lista pods
kubectl get pods  
#lista pods
kubectl get nodes  
#lista deployments
kubectl get deployments  
#lista services
kubectl get services  
#lista namespace
kubectl get namespaces
#lista ingress
kubectl get ingress
#lista ingress
kubectl get ingress
#lista ingressbackend
kubectl get ingressbackend
#Visualiza logs do pod
kubectl logs <nomedopod>
#Visualiza métricas do node
kubectl top nodes
#Visualiza métricas do pode
kubectl top pods
#visualiza eventos ordenados por data
kubectl get event --sort-by='.metadata.creationTimestamp' -A
# Obtem detalhes de um pod
kubectl describe pod <nomedopod>
# Obtem detalhes de um deploy
kubectl describe deployment <nomedodeploy>
#deleta um ingress
kubectl delete ingress <nomedoingress>
kubectl create namespace nome

Posso passar a namespace em qualquer comando, se não passar usa a default

kubectl get all -n bookstore

Criar um label para a worker Windows

kubectl label nodes akswin000000 ostype=windows

Criar manifesto YAML para pod passando a imagem e gerando o aquivo yaml

kubectl run nginx-dev --image=nginx --dry-run=client -o yaml > poddev01.yaml

Criar manifesto YAML para Deploy passando a imagem e gerando o aquivo yaml

kubectl create deploy pocaks --image=keyvaultaks.azurecr.io/pockubekeyvault:latest --dry-run=client -o yaml > deploydev01.yaml

Aplicação de Exemplo aspnetapp

kubectl create deploy aspnetapp-delpoy --image=mcr.microsoft.com/dotnet/samples:aspnetapp --dry-run=client -o yaml > aspnetapp-delpoy-01.yml

Criar arquivo YAML para Serviço de LoadBalancer passando o deploy e gera o arquivo

kubectl expose -f aspnetapp-delpoy-01.yml --name=aspnetapp-svc --type=LoadBalancer --port=80 --target-port=8080 --dry-run=client -o yaml > svcdev01.yaml

Criar arquivo YAML para Serviço de ClusterIP passando o deploy e gera o arquivo

kubectl expose deployment aspnetapp-delpoy --type=ClusterIP --port=80 --target-port=8080 

primeira vez

kubectl create -f file.yaml

Atualiza

kubectl apply -f file.yaml

Deleta

kubectl delete -f file.yaml

Criar namespace

kubectl create ns bookstore

Expor as configurações da namespace em um YAML

kubectl get ns bookstore -o yaml

Obter as configurações do OSM e colocar em um yaml

kubectl get meshconfig osm-mesh-config -n kube-system -o yaml

Desabilitar enablePermissiveTrafficPolicyMode

kubectl patch meshconfig osm-mesh-config -n osm-system -p '{"spec":{"traffic":{"enablePermissiveTrafficPolicyMode":false}}}' --type=merge

Cria um encaminhamento para a porta 14001 do pod na porta 8080 do localhost

kubectl port-forward bookbuyer-85b76d4b84-hpd88 -n bookbuyer 8080:14001

Filtra com um selector

kubectl get pods -n kube-system --selector app=osm-controller

all-namespaces

kubectl get events --all-namespaces

Obter Secrets

kubectl get secrets -A

kubectl exec

kubectl exec -n curl -ti curl-864959fcc6-xsn9l -c curl -- curl -sIv http://httpbin.httpbin:14001

bin/bash

kubectl exec -it aspnetapp-delpoy-766547dcd6-drbkz  /bin/bash

/bin/sh

kubectl exec -it aspnetapp-delpoy-766547dcd6-drbkz  /bin/sh

OSM

Adiciona namespace ao OSM

osm namespace add bookstore bookbuyer bookwarehouse

Adiciona namespace ao OSM e desabilita sidecar do OSM

osm namespace add ingress-nginx --mesh-name osm --disable-sidecar-injection

ReplicaSets

kubectl get Replicasets

Storageclass

kubectl get storageclass

PVC (Persist Volume Claim)

kubectl get pvc

PV (Persistent Volume)

kubectl get pv

Visualiza logs de um muticontainer pod

kubectl logs <nomedopod> <nomecontainer>

Assistindo os pods

kubectl get pods -w

Modo Verboso

kubectl -v=10 get pods -w

Mosta os Labels

kubectl get pods --show-labels
kubectl get pods nginx-pod --show-labels

Filtra por Label

kubectl get pod -l kind=web
kubectl get pod --selector=kind=web

Adiciona Labels

kubectl label pod nginx-pod health=fair

Altera Labels

kubectl label pod nginx-pod kind=db --overwrite

incluir informações adicionais, como o endereço IP do pod, o nó

kubectl get pods -n kube-system -o wide

DeamonSets

kubectl get daemonset -all-namespaces

Create the curl client pod na namespace curl

kubectl apply -f https://raw.githubusercontent.com/openservicemesh/osm-docs/release-v1.0/manifests/samples/curl/curl.yaml -n curl

Rollout

kubectl rollout restart deployment -n minimalapi minimalapi

Testar um serviço com curl

kubectl run -i --tty --rm debug --image=progrium/busybox --restart=Never -- sh

opkg-install curl

curl 10.0.253.231:14001

adicionar label em um Node

kubectl label node aks-nodepool1-12345678-0 environment=production