In the container world, Kubenertes is a robust tool for DevOps in deploying containerized applications. This article won't talk about how awesome it is (you know better than me ;) ), it will provide you with some neat command lines to touch to a K8S cluster from a developer's needs.
Suppose that you are a developer in your projects, and there is a DevOps team responsible for deploying your products to the sandbox, staging, or production platforms, and they use K8S. Sometimes you receive feedback from the QA team stakeholders or customers on these platforms. And the DevOps team doesn't integrate a monitoring system yet. And you want to diagnose problems by checking server logs, RabbitMQ dead-lettered messages, database documents without disturbing DevOps for some minor checks on Sandbox or the staging platform.
- Ask the DevOps team for kubectl configuration files for the platforms that you want to access
- Install kubectl
1. Create alias
Aliases save you time setting up stuff when working with command lines.
alias k="kubectl --kubeconfig /path/to/kubectl-configuration.yml"
You can name your alias to clarify its usage, for example, kubectl for the staging environment:
alias kstaging="kubectl --kubeconfig /path/to/kubectl-configuration.yml"
Then, you can use this alias with kubectl syntax to operate on the staging platform without repeatedly setting configuration files.
2. Get available namespaces
Before going to any pod or deployment, you need to determine what namespace do they belong to:
k get namespaces
If you only need to access a specific namespace, then you can create an alias to save the time you enter the keyboard:
alias k="kubectl --kubeconfig /path/to/kubectl-configuration.yml --namespace xyz"
3. Get available pods in a specific namespace
Suppose that you set the alias for the namespace. To see all the pods in the namespace:
k get pods
4. Get deployments
Notice that in a K8S cluster, a service can be scaled in multiple nodes, then to check logs for an application, we should not read in a specific pod but its deployment. To get deployments:
k get deployments
The result looks like this:
NAME READY UP-TO-DATE AVAILABLE AGE app1 2/2 2 2 9d app2 2/2 2 2 9d
As you can see, a deployment can have multiple ready pods.
5. Read logs from a specific app
k logs -f deployments/app1 --all-containers
-fallows you to watch logs
deployments/app1specify which app do you want to read logs
--all-containersallows you to read logs from all pods of the app
6. Port forwarding
Due to security issues, we must not expose some services (database, RabbitMQ) to the internet if they aren't necessarily. In such cases, kubectl provides a sharp sword allowing us to forward these service ports to our localhost.
In my context, I need to check dead-lettered messages in RabbitMQ by the service admin board that I have used to access when developing at port
15672. To read the remote RabbitMQ service, we need to forward the port to our localhost by:
k port-forward rabbitmq 15672:15672
rabbitmqis the name of the rabbitmq pod
15672:15672to forward the remote port 15672 to localhost port 15672
Then you can access the admin dashboard in your browser
7. Describe a service
Sometimes, you want to check configurations like environment variables or docker image versions in a specific service. You can do it by:
k describe deployments/app1
NB: Notice that you may see some info with the comment:
<set to the key 'xyz' in secret 'app1'>
It means they are encrypted and you need to ask the DevOps team to read them for you or provide you ways to read.
You've seen seven command lines to access and read service logs or data from a k8s cluster. Note that, with access to the cluster, you can write too. For example, scale the number of pods, delete pods. However, unless you are controlling the cluster with good k8s knowledge, you should not do such writing operators. You should ask your DevOps folks if you want to update stuff to keep things under DevOps's tracking.