crictl
1. 简介
crictl是 CRI 当兼容容容器运行时,命令行接口。 你可以用它来检查和调试 Kubernetes 容器在节点上运行和应用程序
crictl:子命令 子命令: attach Attach to a running container create Create a new container exec Run a command in a running container version Display runtime version information images, image, img List images inspect Display the status of one or more containers inspecti Return the status of one or more images imagefsinfo Return image filesystem info inspectp Display the status of one or more pods logs Fetch the logs of a container port-forward Forward local port to a pod ps List containers pull Pull an image from a registry run Run a new container inside a sandbox runp Run a new pod rm Remove one or more containers rmi Remove one or more images rmp Remove one or more pods pods List pods start Start one or more created containers info Display information of the container runtime stop Stop one or more running containers stopp Stop one or more running pods update Update one or more running containers config Get and set crictl client configuration options stats List container(s) resource usage statistics completion Output shell completion code help, h Shows a list of commands or help for one command 全局配置: --config value, -c value 在配置文件中设置端点 --config=/etc/crictl.yaml --debug, -D Enable debug mode (default: false) --image-endpoint value, -i value Endpoint of CRI image manager service (default: uses 'runtime-endpoint' setting) [$IMAGE_SERVICE_ENDPOINT] --runtime-endpoint value, -r value Endpoint of CRI container runtime service (default: uses in order the first successful one of [unix:///var/run/dockershim.sock unix:///run/containerd/containerd.sock unix:///run/crio/crio.sock]). Default is now deprecated and the endpoint should be set instead. [$CONTAINER_RUNTIME_ENDPOINT] --timeout value, -t value Timeout of connecting to the server in seconds (e.g. 2s, 20s.). 0 or less is set to default (default: 2s) --help, -h show help (default: false)
--version, -v print the version (default: false)
2. 配置文件
#cat /etc/crictl.yaml
runtime-endpoint: unix:///var/run/dockershim.sock
image-endpoint: unix:///var/run/dockershim.sock
timeout: 10
debug: true
3.使用范例:
[root@master01 ~]# crictl ps
CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID
9015c299c7b80 3afbed0c061a9 32 hours ago Running calico-kube-controllers 5 e00950a3c1f2f
753ce0b2ee56f 8d147537fb7d1 32 hours ago Running coredns 5 6a3c8067f0550
207973beabed2 8d147537fb7d1 32 hours ago Running coredns 5 7e6095b0b6a9d
ca47ac0441b12 48d8a30c26b64 32 hours ago Running calico-node 6 d3a10ec9a9245
fabd011b2f21e 873127efbc8a7 32 hours ago Running kube-proxy 6 075ee273419f1
06fec06226895 0048118155842 32 hours ago Running etcd 11 d36342c4ec1e4
903beed319da8 e64579b7d8862 32 hours ago Running kube-apiserver 11 8e05b92491815
e13ef94001bb0 b51ddc1014b04 32 hours ago Running kube-scheduler 48 45f331123ce9c
2fba1f0ed7c09 5425bcbd23c54 32 hours ago Running kube-controller-manager 51 61d9b0019d9df
[root@master01 ~]# crictl pods --name etcd
POD ID CREATED STATE NAME NAMESPACE ATTEMPT RUNTIME
d36342c4ec1e4 32 hours ago Ready etcd-master01 kube-system 6 (default)
8d83ad3c8985c 10 days ago NotReady etcd-master01 kube-system 5 (default)
[root@master01 ~]# crictl images -q
sha256:6e1e20b5e9c8d7a299311e5541581f2c4d0f9815f8ad03922ba825199070ad22
sha256:0ce7550069ed9c806ed28c0f83b6881191ce94390e23f67aaf94e539978992b8
sha256:3afbed0c061a97ccde019e823f2fa4b0eb34650a129199ab896508e1dec3a19d
sha256:48d8a30c26b64eb80b05c10cacd4bf0079a32057b5728d95d47396bd2d9f0340
sha256:8abc06ab2d66648ad5b4ad7c2bc12ebcd54361731efb9ba58c167a098295dff7
sha256:8d147537fb7d1ac8895da4d55a5e53621949981e2e6460976dae812f83d84a44
sha256:0048118155842e4c91f0498dd298b8e93dc3aecc7052d9882b76f48e311a76ba
sha256:e64579b7d8862eff8418d27bf67011e348a5d926fa80494a6475b3dc959777f5
sha256:5425bcbd23c54270d9de028c09634f8e9a014e9351387160c133ccf3a53ab3dc
sha256:873127efbc8a791d06e85271d9a2ec4c5d58afdf612d490e24fb3ec68e891c8d
sha256:b51ddc1014b04295e85be898dac2cd4c053433bfe7e702d7e9d6008f3779609b
sha256:ed210e3e4a5bae1237f1bb44d72a05a2f1e5c6bfe7a7e73da179e2534269c459
[root@master01 ~]# crictl ps -a
CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID
9015c299c7b80 3afbed0c061a9 32 hours ago Running calico-kube-controllers 5 e00950a3c1f2f
753ce0b2ee56f 8d147537fb7d1 32 hours ago Running coredns 5 6a3c8067f0550
207973beabed2 8d147537fb7d1 32 hours ago Running coredns 5 7e6095b0b6a9
#crictl exec -i -t 1f73f2d81bf98 ls
// 获取容器日志
#crictl logs 87d3992f84f74
10.240.0.96 - - [06/Jun/2018:02:45:49 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.47.0" "-"
10.240.0.96 - - [06/Jun/2018:02:45:50 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.47.0" "-"
10.240.0.96 - - [06/Jun/2018:02:45:51 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.47.0" "-"
//获取最近的 N 行日志:
#crictl logs --tail=1 87d3992f84f74
// 运行 Pod 沙盒
# cat pod-config.json
{
"metadata": {
"name": "nginx-sandbox",
"namespace": "default",
"attempt": 1,
"uid": "hdishd83djaidwnduwk28bcsb"
},
"logDirectory": "/tmp",
"linux": {
}
}
#crictl runp pod-config.json
// 创建容器
#crictl pull busybox
# cat pod-config.json
{
"metadata": {
"name": "nginx-sandbox",
"namespace": "default",
"attempt": 1,
"uid": "hdishd83djaidwnduwk28bcsb"
},
"log_directory": "/tmp",
"linux": {
}
}
# cat container-config.json
{
"metadata": {
"name": "busybox"
},
"image":{
"image": "busybox"
},
"command": [
"top"
],
"log_path":"busybox.log",
"linux": {
}
}
# crictl create f84dd361f8dc51518ed291fbadd6db537b0496536c1d2d6c05ff943ce8c9a54f container-config.json pod-config.json
// 启动容器
# crictl start 3e025dd50a72d956c4f14881fbb5b1080c9275674e95fb67f965f6478a957d60