使用kubectl管理多集群

kubectl会使用$HOME/.kube目录下的config文件作为缺省的配置文件。我们可以使用kubectl config view查看配置信息：

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21


$kubectl config view

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://172.18.100.90:6443
  name: cluster-1
contexts:
- context:
    cluster: cluster-1
    user: cluster-1-admin
  name: cluster-1-admin@cluster-1
current-context: cluster-1-admin@cluster-1
kind: Config
preferences: {}
users:
- name: cluster-1-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

可以看到，配置文件主要包含了clusters，users和contexts三部分信息。context是访问一个kubernetes集群所需要的参数集合。每个context有三个参数：

cluster：要访问的集群信息
namespace：用户工作的namespace，缺省值为default
user：连接集群的认证用户

缺省情况下，kubectl会使用current-context指定的context作为当前的工作集群环境。不难想象，切换context就可以切换到不同的kubernetes集群。

在不了解context的概念之前，想访问不同的集群，每次都要把集群对应的config文件copy到$HOME/.kube目录下，同时要记得使用kubectl cluster-info确认当前访问的集群：

1
2
3
4
5
6


$kubectl cluster-info

Kubernetes master is running at https://172.18.100.90:6443
KubeDNS is running at https://172.18.100.90:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

在看了这篇文档后，才知道kubectl可以切换context来管理多个集群。如果你有多个集群的config文件，可以在系统环境变量KUBECONFIG中指定每个config文件的路径，例如：

1

export  KUBECONFIG=/home/mazhen/kube-config/config-cluster-1:/home/mazhen/kube-config/config-cluster-1

再使用kubectl config view查看集群配置时，kubectl会自动合并多个config的信息：

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33


$ kubectl config view

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://172.20.51.11:6443
  name: cluster-2
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://172.18.100.90:6443
  name: cluster-1
contexts:
- context:
    cluster: cluster-2
    user: cluster-2-admin
  name: cluster-2-admin@cluster-2
- context:
    cluster: cluster-1
    user: cluster-1-admin
  name: cluster-1-admin@cluster-1
current-context: cluster-1-admin@cluster-1
kind: Config
preferences: {}
users:
- name: cluster-2-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED
- name: cluster-1-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

可以看到，配置中包含了两个集群，两个用户，以及两个context。我们可以使用kubectl config get-contexts查看配置中所有的context：

1
2
3
4
5


$ kubectl config get-contexts

CURRENT   NAME                         CLUSTER      AUTHINFO           NAMESPACE
          cluster-2-admin@cluster-2    cluster-2    cluster-2-admin
*         cluster-1-admin@cluster-1    cluster-1    cluster-1-admin

星号*标识了当前的工作集群。如果想访问另一个集群，使用kubectl config use-context进行切换：

1
2
3


$ kubectl config use-context cluster-2-admin@cluster-2

Switched to context "cluster-2-admin@cluster-2".

我们可以再次确认切换的结果：

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13


$ kubectl config get-contexts

CURRENT   NAME                         CLUSTER      AUTHINFO           NAMESPACE
*         cluster-2-admin@cluster-2    cluster-2    cluster-2-admin
          cluster-1-admin@cluster-1    cluster-1    cluster-1-admin

$ kubectl cluster-info

Kubernetes master is running at https://172.20.51.11:6443
KubeDNS is running at https://172.20.51.11:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
kubernetes-dashboard is running at https://172.20.51.11:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

看吧，kubectl切换context管理多集群是多么的方便。