任何人都可以分享 kubectl exec 的工作原理,例如技术概述。还有什么方法可以排除故障。
例如,我遇到以下问题:尝试连接到 Pod 时:
kubectl.exe : I0502 04:25:18.562064 7288 loader.go:357] 从文件 C:\Users\u615648/.kube/config 加载配置 在 line:1 char:1 + .\kubectl.exe exec dataarchives-service- 264802370-mjwcl 日期 -n fdm- ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + 类别信息:未指定:(I0502 04:25:18....48/. kube/config:String) [], RemoteException + ExcellentQualifiedErrorId : NativeCommandError
I0502 04:25:18.636776 7288 round_trippers.go:414]获取 https://fdmmgmt.uksouth.cloudapp.azure.com/api/v1/namespaces/fdm-development/pods/dataarchives-service-264802370-mjwcl I0502 04: 25:18.636776 7288 round_trippers.go:421] 请求标头:I0502 04:25:18.636776 7288 round_trippers.go:424] 接受:application/json, / I0502 04:25:18.636776 7288 round_trippers.go:424] 用户代理: kubectl.exe/v1.9.3 (windows/amd64) kubernetes/d283541 I0502 04:25:18.716758 7288 round_trippers.go:439] 响应状态:79 毫秒内 200 OK I0502 04:25:18.716758 7288 round_trippers.go:44 2]回应标头:I0502 04:25:18.716758 7288 round_trippers.go:445]内容类型:application / json I0502 04:25:18.716758 7288 round_trippers.go:445]内容长度:3167 I0502 04:25:18.716758 7288 round_trippers。去:445] 日期:2018 年 5 月 2 日星期三 04:25:18 GMT I0502 04:25:18.717872 7288 request.go:873] 响应正文:{"kind":"Pod","apiVersion":"v1","元数据":{"名称":"dataarchives-service-264802370-mjwcl","generateName":"dataarchives-service-264802370-","命名空间":"fdm-development","selfLink":"/api/ v1/namespaces/fdm-development/pods/dataarchives-service-264802370-mjwcl","uid":"eeb7d14f-49 5e-11e8-9d96-002248014205","resourceVersion":"15681866","creationTimestamp":"2018 -04-26T14:34:31Z","labels":{"app":"dataarchives","pod-template-hash":"264802370"},"annotations":{"kubernetes.io/created-by ":"{\"kind\":\"SerializedReference\",\"apiVersion\":\"v1\",\"reference\":{\"kind\":\"ReplicaSet\",\"命名空间\":\"fdm-development\",\"名称\":\"dataarchives-service-264802370\",\"uid\":\"eeaf949c-495e-11e8-9d96-002248014205\",\" apiVersion\":\"extensions\",\"resourceVersion\":\"15075652\"}}\n"},"ownerReferences":[{"apiVersion":"extensions/v1beta1","kind":" ReplicaSet","name":"dataarchives-service-264802370","uid":"eeaf949c-495e-11e8-9d96-002248014205","controller":true,"b lockOwnerDeletion":true}]},"spec" :{"volumes":[{"name":"uploadsfileshare [截断的 2143 个字符] I0502 04:25:18.908749 7288 round_trippers.go:414] POST https://fdmmgmt.uksouth.cloudapp.azure。com/api/v1/namespaces/fdm-development/pods/dataarchives-service-26480237 0-mjwcl/exec?command=date&command=cmd&container=dataarchives&container=dataarchives&stderr=true&stdout=true I0502 04:25:18.908749 7288 round_trippers.go:421 ] 请求标头: I0502 04:25:18.908749 7288 round_trippers.go:424]
X-Stream-Protocol-Version:v4.channel.k8s.io I0502 04:25:18.908749
7288 round_trippers.go:424] X-Stream-Protocol -版本:v3.channel.k8s.io I0502 04:25:18.908749 7288 round_trippers.go:424] X流协议版本:v2.channel.k8s.io I0502 04:25:18.908749
7288 round_trippers.go:424 ] X-Stream-协议版本:channel.k8s.io I0502 04:25:18.908749 7288 round_trippers.go:424]
用户代理:kubectl.exe/v1.9.3 (windows/amd64) kubernetes/d283541 I0502 04:25:19.086745 7288 round_trippers.go:439] 响应状态:401 177 毫秒内未经授权 I0502 04:25:19.086745 7288 round _trippers.go :442] 响应标头:I0502 04:25:19.086745 7288 round_trippers.go:445] 日期:2018 年 5 月 2 日星期三 04:25:19 GMT I0502 04:25:19.086745 7288 round_trippers.go:445] 内容长度:12 I0502 04:25:19.086745 7288 round_trippers.go:445] 内容类型:文本/纯文本;charset=utf-8 F0502 04:25:19.086745 7288 helpers.go:119] 错误:无法升级连接:未经授权
帮助表示赞赏。
在内部,kubectl 命令通过 HTTP / SPDY 与 Kubernetes API 服务器交互。Kubernetes 的 API 服务器是常规的 REST API。Kubernetes 目前使用 SPDY,但维护人员计划在 docker 允许后立即切换到 HTTP/2: https: //github.com/kubernetes/kubernetes/issues/7452
您实际上可以在这里查看 kubectl 命令如何调用 kubernetes go-client 来与 REST API 交互:https://github.com/kubernetes/kubernetes/blob/e6272b887b81a62e6f06b7fac4b3b61d1c8bf657/pkg/kubectl/cmd/exec/执行.go#L310
关于您的具体堆栈跟踪:“错误:无法升级连接:未经授权”看起来您未获得授权。您是否可以使用 kubectl 运行其他命令,例如“kubectl get po --all-namespaces”?
| 归档时间: |
|
| 查看次数: |
1924 次 |
| 最近记录: |