Back to Details

kubectl

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Kubectl Skill

Kubectl 技能

This skill enables comprehensive Kubernetes cluster management using kubectl and related tools.
本技能支持使用kubectl及相关工具进行全面的Kubernetes集群管理。

Environment

环境

Cluster Aliases

集群别名

Three cluster/namespace combinations are pre-configured:
AliasClusterNamespacePurpose
k1
AWS EKS Production
production
生产环境
k2
AWS EKS Production
staging
预发布环境
k
K3s (192.168.10.117)
simplex
本地开发环境
Usage:
bash
k1 get pods          # 查看生产环境 pods
k2 get pods          # 查看预发布环境 pods
k get pods           # 查看本地环境 pods
已预配置三个集群/命名空间组合:
别名集群命名空间用途
k1
AWS EKS 生产环境
production
生产环境
k2
AWS EKS 生产环境
staging
预发布环境
k
K3s (192.168.10.117)
simplex
本地开发环境
使用示例:
bash
k1 get pods          # 查看生产环境 pods
k2 get pods          # 查看预发布环境 pods
k get pods           # 查看本地环境 pods

Additional Tools

附加工具

  • kubectx
    - Switch between clusters
  • kubens
    - Switch between namespaces
  • argocd
    - GitOps deployments (see separate skill)
  • kargo
    - Progressive delivery (see separate skill)
  • kubectx
    - 在集群间切换
  • kubens
    - 在命名空间间切换
  • argocd
    - GitOps 部署(请查看单独技能)
  • kargo
    - 渐进式交付(请查看单独技能)

Safety Protocol

安全协议

Dangerous Operations Requiring Confirmation

需要确认的危险操作

Before executing any of the following operations, explicitly confirm with the user:
  • Delete operations: 
    delete pod
    , 
    delete deployment
    , 
    delete service
    , 
    delete pvc
  • Scale to zero: 
    scale --replicas=0
  • Production modifications: Any 
    k1
    command that modifies resources
  • Drain/cordon nodes: 
    drain
    , 
    cordon
    , 
    uncordon
  • Apply/patch: Changes to production resources
执行以下任何操作前,需明确与用户确认:
  • 删除操作
    delete pod
    delete deployment
    delete service
    delete pvc
  • 缩容至零
    scale --replicas=0
  • 生产环境修改:任何修改资源的
    k1
    命令
  • 节点驱逐/隔离
    drain
    cordon
    uncordon
  • 应用/补丁:对生产环境资源的变更

Confirmation Format

确认格式

⚠️ 危险操作确认

环境: [Production/Staging/Local]
操作: [具体操作描述]
资源: [受影响的资源]
影响: [潜在影响说明]

是否继续执行?
⚠️ 危险操作确认

环境: [生产/预发布/本地]
操作: [具体操作描述]
资源: [受影响的资源]
影响: [潜在影响说明]

是否继续执行?

Common Operations Reference

常用操作参考

Resource Viewing

资源查看

Pods

Pods

bash
undefined
bash
undefined

List pods with status

查看带状态的Pods

k1 get pods k1 get pods -o wide # Include node and IP info k1 get pods --show-labels # Show labels k1 get pods -l app=simplex-api # Filter by label
k1 get pods k1 get pods -o wide # 包含节点和IP信息 k1 get pods --show-labels # 显示标签 k1 get pods -l app=simplex-api # 按标签过滤

Pod details

Pod详情

k1 describe pod <pod-name>
k1 describe pod <pod-name>

Watch pods in real-time

实时监控Pods状态

k1 get pods -w
undefined
k1 get pods -w
undefined

Deployments

Deployments

bash
undefined
bash
undefined

List deployments

查看Deployments

k1 get deployments k1 get deploy -o wide
k1 get deployments k1 get deploy -o wide

Deployment details

Deployment详情

k1 describe deployment <name>
k1 describe deployment <name>

Rollout status

发布状态

k1 rollout status deployment/<name>
k1 rollout status deployment/<name>

Rollout history

发布历史

k1 rollout history deployment/<name>
undefined
k1 rollout history deployment/<name>
undefined

Services & Endpoints

服务与端点

bash
undefined
bash
undefined

List services

查看服务

k1 get services k1 get svc
k1 get services k1 get svc

Service details with endpoints

带端点的服务详情

k1 describe svc <name> k1 get endpoints <name>
undefined
k1 describe svc <name> k1 get endpoints <name>
undefined

All Resources

所有资源

bash
undefined
bash
undefined

Get all common resources

获取所有常见资源

k1 get all
k1 get all

Get specific resource types

获取特定类型资源

k1 get pods,svc,deploy
k1 get pods,svc,deploy

Get all resources with labels

获取带标签的所有资源

k1 get all -l app=simplex-api
undefined
k1 get all -l app=simplex-api
undefined

Logs & Debugging

日志与调试

Viewing Logs

查看日志

bash
undefined
bash
undefined

Basic logs

基础日志

k1 logs <pod-name>
k1 logs <pod-name>

Follow logs (streaming)

实时流式日志

k1 logs -f <pod-name>
k1 logs -f <pod-name>

Last N lines

最后N行日志

k1 logs --tail=100 <pod-name>
k1 logs --tail=100 <pod-name>

Logs since time

特定时间范围内的日志

k1 logs --since=1h <pod-name> k1 logs --since=10m <pod-name>
k1 logs --since=1h <pod-name> k1 logs --since=10m <pod-name>

Previous container logs (after restart)

重启前的容器日志

k1 logs --previous <pod-name>
k1 logs --previous <pod-name>

Multi-container pod

多容器Pod日志

k1 logs <pod-name> -c <container-name>
k1 logs <pod-name> -c <container-name>

All containers in pod

Pod中所有容器的日志

k1 logs <pod-name> --all-containers=true
undefined
k1 logs <pod-name> --all-containers=true
undefined

Executing Commands

执行命令

bash
undefined
bash
undefined

Execute command in container

在容器中执行命令

k1 exec <pod-name> -- <command>
k1 exec <pod-name> -- <command>

Interactive shell

交互式Shell

k1 exec -it <pod-name> -- /bin/sh k1 exec -it <pod-name> -- /bin/bash
k1 exec -it <pod-name> -- /bin/sh k1 exec -it <pod-name> -- /bin/bash

Specific container in multi-container pod

多容器Pod中的特定容器

k1 exec -it <pod-name> -c <container> -- /bin/sh
undefined
k1 exec -it <pod-name> -c <container> -- /bin/sh
undefined

Debugging

调试

bash
undefined
bash
undefined

Pod events and status

Pod事件与状态

k1 describe pod <pod-name>
k1 describe pod <pod-name>

Get pod YAML

获取Pod的YAML配置

k1 get pod <pod-name> -o yaml
k1 get pod <pod-name> -o yaml

Debug with ephemeral container

使用临时容器调试

k1 debug <pod-name> -it --image=busybox
k1 debug <pod-name> -it --image=busybox

Check resource usage

检查资源使用情况

k1 top pods k1 top nodes
undefined
k1 top pods k1 top nodes
undefined

Deployment Management

部署管理

Scaling

扩缩容

bash
undefined
bash
undefined

Scale deployment

扩缩容Deployment

k1 scale deployment/<name> --replicas=3
k1 scale deployment/<name> --replicas=3

Autoscale

自动扩缩容

k1 autoscale deployment/<name> --min=2 --max=5 --cpu-percent=80
undefined
k1 autoscale deployment/<name> --min=2 --max=5 --cpu-percent=80
undefined

Rolling Updates

滚动更新

bash
undefined
bash
undefined

Update image

更新镜像

k1 set image deployment/<name> <container>=<image>:<tag>
k1 set image deployment/<name> <container>=<image>:<tag>

Rollout status

发布状态

k1 rollout status deployment/<name>
k1 rollout status deployment/<name>

Pause/resume rollout

暂停/恢复发布

k1 rollout pause deployment/<name> k1 rollout resume deployment/<name>
k1 rollout pause deployment/<name> k1 rollout resume deployment/<name>

Rollback

回滚发布

k1 rollout undo deployment/<name> k1 rollout undo deployment/<name> --to-revision=2
undefined
k1 rollout undo deployment/<name> k1 rollout undo deployment/<name> --to-revision=2
undefined

Restart

重启

bash
undefined
bash
undefined

Restart deployment (rolling restart)

重启Deployment(滚动重启)

k1 rollout restart deployment/<name>
undefined
k1 rollout restart deployment/<name>
undefined

Configuration Resources

配置资源

ConfigMaps

ConfigMaps

bash
undefined
bash
undefined

List ConfigMaps

查看ConfigMaps

k1 get configmaps k1 get cm
k1 get configmaps k1 get cm

View ConfigMap content

查看ConfigMap内容

k1 describe cm <name> k1 get cm <name> -o yaml
k1 describe cm <name> k1 get cm <name> -o yaml

Create from file

从文件创建ConfigMap

k1 create configmap <name> --from-file=<path>
k1 create configmap <name> --from-file=<path>

Create from literal

从字面量创建ConfigMap

k1 create configmap <name> --from-literal=key=value
undefined
k1 create configmap <name> --from-literal=key=value
undefined

Secrets

Secrets

bash
undefined
bash
undefined

List Secrets

查看Secrets

k1 get secrets
k1 get secrets

View Secret (base64 encoded)

查看Secret(Base64编码)

k1 get secret <name> -o yaml
k1 get secret <name> -o yaml

Decode Secret value

解码Secret值

k1 get secret <name> -o jsonpath='{.data.password}' | base64 -d
k1 get secret <name> -o jsonpath='{.data.password}' | base64 -d

Create Secret

创建Secret

k1 create secret generic <name> --from-literal=password=xxx
undefined
k1 create secret generic <name> --from-literal=password=xxx
undefined

PersistentVolumeClaims

持久化卷声明

bash
undefined
bash
undefined

List PVCs

查看PVCs

k1 get pvc
k1 get pvc

PVC details

PVC详情

k1 describe pvc <name>
undefined
k1 describe pvc <name>
undefined

Network Operations

网络操作

Port Forwarding

端口转发

bash
undefined
bash
undefined

Forward local port to pod

将本地端口转发到Pod

k1 port-forward pod/<name> 8080:80
k1 port-forward pod/<name> 8080:80

Forward to service

转发到服务

k1 port-forward svc/<name> 8080:80
k1 port-forward svc/<name> 8080:80

Background port-forward

后台端口转发

k1 port-forward pod/<name> 8080:80 &
undefined
k1 port-forward pod/<name> 8080:80 &
undefined

Service Exposure

服务暴露

bash
undefined
bash
undefined

Expose deployment as service

将Deployment暴露为服务

k1 expose deployment/<name> --port=80 --target-port=8080
k1 expose deployment/<name> --port=80 --target-port=8080

Get service external IP

获取服务外部IP

k1 get svc <name> -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'
undefined
k1 get svc <name> -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'
undefined

Cluster Management

集群管理

Nodes

节点

bash
undefined
bash
undefined

List nodes

查看节点

k1 get nodes k1 get nodes -o wide
k1 get nodes k1 get nodes -o wide

Node details

节点详情

k1 describe node <name>
k1 describe node <name>

Node resource usage

节点资源使用情况

k1 top nodes
undefined
k1 top nodes
undefined

Namespaces

命名空间

bash
undefined
bash
undefined

List namespaces

查看命名空间

k1 get namespaces
k1 get namespaces

Switch namespace (using kubens)

切换命名空间(使用kubens)

kubens <namespace>
kubens <namespace>

Create namespace

创建命名空间

k1 create namespace <name>
undefined
k1 create namespace <name>
undefined

Context Management

上下文管理

bash
undefined
bash
undefined

List contexts

查看上下文

kubectx
kubectx

Switch context

切换上下文

kubectx <context-name>
kubectx <context-name>

Show current context

显示当前上下文

kubectl config current-context
undefined
kubectl config current-context
undefined

Resource Monitoring

资源监控

bash
undefined
bash
undefined

Pod resource usage

Pod资源使用情况

k1 top pods k1 top pods --sort-by=cpu k1 top pods --sort-by=memory
k1 top pods k1 top pods --sort-by=cpu k1 top pods --sort-by=memory

Node resource usage

节点资源使用情况

k1 top nodes
k1 top nodes

HPA status

HPA状态

k1 get hpa k1 describe hpa <name>
undefined
k1 get hpa k1 describe hpa <name>
undefined

Output Formatting

输出格式

For Status Checks

状态检查

Provide concise summaries:
✅ Pod 状态 (production)
┌──────────────────────────┬─────────┬──────────┬─────────┐
│ Pod                      │ Status  │ Restarts │ Age     │
├──────────────────────────┼─────────┼──────────┼─────────┤
│ simplex-api-xxx-abc      │ Running │ 0        │ 2d      │
│ simplex-api-xxx-def      │ Running │ 0        │ 2d      │
└──────────────────────────┴─────────┴──────────┴─────────┘
提供简洁的汇总:
✅ Pod 状态 (production)
┌──────────────────────────┬─────────┬──────────┬─────────┐
│ Pod                      │ 状态    │ 重启次数 │ 运行时长 │
├──────────────────────────┼─────────┼──────────┼─────────┤
│ simplex-api-xxx-abc      │ Running │ 0        │ 2d      │
│ simplex-api-xxx-def      │ Running │ 0        │ 2d      │
└──────────────────────────┴─────────┴──────────┴─────────┘

For Troubleshooting

故障排查

When investigating issues, gather:
  1. Pod status: 
    k1 get pod <name>
  2. Pod events: 
    k1 describe pod <name>
  3. Recent logs: 
    k1 logs --tail=50 <name>
  4. Resource usage: 
    k1 top pod <name>
排查问题时,收集以下信息:
  1. Pod状态:
    k1 get pod <name>
  2. Pod事件:
    k1 describe pod <name>
  3. 近期日志:
    k1 logs --tail=50 <name>
  4. 资源使用情况:
    k1 top pod <name>

Custom Output Formats

自定义输出格式

bash
undefined
bash
undefined

JSON output

JSON输出

k1 get pods -o json
k1 get pods -o json

YAML output

YAML输出

k1 get pod <name> -o yaml
k1 get pod <name> -o yaml

Custom columns

自定义列

k1 get pods -o custom-columns=NAME:.metadata.name,STATUS:.status.phase
k1 get pods -o custom-columns=名称:.metadata.name,状态:.status.phase

JSONPath

JSONPath

k1 get pods -o jsonpath='{.items[*].metadata.name}'
undefined
k1 get pods -o jsonpath='{.items[*].metadata.name}'
undefined

Troubleshooting Workflows

故障排查流程

Pod Not Starting

Pod无法启动

  1. Check pod status: 
    k1 get pod <name>
  2. Check events: 
    k1 describe pod <name>
    (look at Events section)
  3. Check logs: 
    k1 logs <name>
    or 
    k1 logs --previous <name>
  4. Common issues: 
    • ImagePullBackOff
      : Check image name and registry credentials
    • CrashLoopBackOff
      : Check application logs
    • Pending
      : Check resource requests and node capacity
  1. 检查Pod状态:
    k1 get pod <name>
  2. 检查事件:
    k1 describe pod <name>
    (查看Events部分)
  3. 检查日志:
    k1 logs <name>
    k1 logs --previous <name>
  4. 常见问题: 
    • ImagePullBackOff
      :检查镜像名称和镜像仓库凭证
    • CrashLoopBackOff
      :检查应用日志
    • Pending
      :检查资源请求和节点容量

High Resource Usage

资源使用率过高

  1. Check pod usage: 
    k1 top pods --sort-by=memory
  2. Check node usage: 
    k1 top nodes
  3. Check HPA status: 
    k1 get hpa
  4. Consider scaling: 
    k1 scale deployment/<name> --replicas=N
  1. 检查Pod使用率:
    k1 top pods --sort-by=memory
  2. 检查节点使用率:
    k1 top nodes
  3. 检查HPA状态:
    k1 get hpa
  4. 考虑扩缩容:
    k1 scale deployment/<name> --replicas=N

Service Not Accessible

服务无法访问

  1. Check service: 
    k1 get svc <name>
  2. Check endpoints: 
    k1 get endpoints <name>
  3. Check pod labels match service selector
  4. Test from within cluster: 
    k1 exec -it <pod> -- curl <service>:<port>
  1. 检查服务:
    k1 get svc <name>
  2. 检查端点:
    k1 get endpoints <name>
  3. 检查Pod标签是否匹配服务选择器
  4. 在集群内测试:
    k1 exec -it <pod> -- curl <service>:<port>

Integration Notes

集成说明

For GitOps operations (deployments via git), use the ArgoCD and Kargo skills:
  • ArgoCD: Application sync, rollback, status
  • Kargo: Progressive delivery, freight promotion
For AWS infrastructure operations, use the AWS CLI skill.
对于GitOps操作(通过Git部署),请使用ArgoCD和Kargo技能:
  • ArgoCD:应用同步、回滚、状态查看
  • Kargo:渐进式交付、版本晋升
对于AWS基础设施操作,请使用AWS CLI技能。